[Touch-packages] [Bug 1549709] Re: getting "unable to get local issuer certificate" for valid domains after upgrading to 20160104ubuntu0.14.04.1

[Marc Deslauriers]

Thanks! I've closed the bug.

** Changed in: ca-certificates (Ubuntu)
   Status: Incomplete => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1549709

Title:
  getting "unable to get local issuer certificate" for valid domains
  after upgrading to 20160104ubuntu0.14.04.1

Status in ca-certificates package in Ubuntu:
  Invalid

Bug description:
  Several 14.04 servers were reporting problems connecting to different
  sites and APIs this morning.

  I'm not entirely sure, but looking at /var/log/apt/history (showing
  ca-certificates:amd64 (20141019ubuntu0.14.04.1,
  20160104ubuntu0.14.04.1)) in combination with what I believe is
  causing the connection problems made me file this bug.

  If I'm right this is probably pretty bad, since all connections initiated
  by this server checking a SSL certificate will fail and actually that's
  exactly what happened here.

  Here is an example where I check a valid ssl domain like
  www.google.com resulting in an Verify return code: 20 (unable to get
  local issuer certificate) while my non 14.04LTS-machines kept
  accepting it:

  echo | openssl s_client -connect www.google.com:443
  CONNECTED(0003)
  depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
  verify error:num=20:unable to get local issuer certificate
  verify return:0
  ---
  Certificate chain
   0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
     i:/C=US/O=Google Inc/CN=Google Internet Authority G2
   1 s:/C=US/O=Google Inc/CN=Google Internet Authority G2
     i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
   2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
     i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
  ---
  Server certificate
  -BEGIN CERTIFICATE-
  MIIEgDCCA2igAwIBAgIIXDR9H6fDVBgwDQYJKoZIhvcNAQELBQAwSTELMAkGA1UE
  BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl
  cm5ldCBBdXRob3JpdHkgRzIwHhcNMTYwMjE3MTAyMDE3WhcNMTYwNTE3MDAwMDAw
  WjBoMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
  TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEXMBUGA1UEAwwOd3d3
  Lmdvb2dsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8+Ugs
  pBXm3zFVRCA6k8DEXqpCf4Zw79y1dbgPuGHdw1NXawEvy8M4K3slQAwRBbGJO34Y
  mVQEeJRK98kJ+dBAajlKGbOkqfk7ZdPpl50zSb+OmM5As4+w1K6gWo9CPt525PyS
  /g/vdSj81XgCFQPNSLeTP2Uj6ZlXZpSyc1Ti+P6QZ/omOHtC/Lo1b9baQyQf7E7h
  MOyTh8TAqJjTeVwg50SKhjzTRiY8t94JBXMknDL0eczEMtZRt5+Fwxe0li3xg5Aw
  0bESlWU7qGluvjz+GFbSTdHfAIzYXxp86+zVvdyDTWGC5344GGtYCr5PRDNalV5o
  wBxUVe6l1VYXBKDVAgMBAAGjggFLMIIBRzAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
  KwYBBQUHAwIwGQYDVR0RBBIwEIIOd3d3Lmdvb2dsZS5jb20waAYIKwYBBQUHAQEE
  XDBaMCsGCCsGAQUFBzAChh9odHRwOi8vcGtpLmdvb2dsZS5jb20vR0lBRzIuY3J0
  MCsGCCsGAQUFBzABhh9odHRwOi8vY2xpZW50czEuZ29vZ2xlLmNvbS9vY3NwMB0G
  A1UdDgQWBBTiRG9FdyKQOTNltPaXqgJRKlSlPjAMBgNVHRMBAf8EAjAAMB8GA1Ud
  IwQYMBaAFErdBhYbvPZotXb1gba7Yhq6WoEvMCEGA1UdIAQaMBgwDAYKKwYBBAHW
  eQIFATAIBgZngQwBAgIwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n
  bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQsFAAOCAQEAIUTrfaaB+cJSk20L
  RHqDwaLWe8cyLR8Ks4Vee/ZxLQDcPuxItvlho0N+/j5ZUnU1XseyiE9yD6ezmY7e
  ChyXUlzKzMdLyvjy7/EzTViW28Czbnp/JepBUipMDhJz7EMLdvqkw2cs0BwevRkU
  6jzbQoYzOCalmWs1Mt4S8AyklbMHUjo/vOcs4+RePG9evxV0yWxCDNgLZbMckxcg
  vL4S5P8C4cY96+qhRwR/ErYHFRkuniQleLz1tEMkei5sK3tY5Sae0uTGH2Z30fs0
  RViv9SFdfjMQDMFmEabPoNermhUx9hjENfMvWqJ1r+dbDTl3ANt/feNa+d6Z3Zpz
  MUtO9Q==
  -END CERTIFICATE-
  subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
  issuer=/C=US/O=Google Inc/CN=Google Internet Authority G2
  ---
  No client certificate CA names sent
  ---
  SSL handshake has read 3727 bytes and written 421 bytes
  ---
  New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
  Server public key is 2048 bit
  Secure Renegotiation IS supported
  Compression: NONE
  Expansion: NONE
  SSL-Session:
  Protocol  : TLSv1.2
  Cipher: ECDHE-RSA-AES128-GCM-SHA256
  Session-ID: 
6635C1B245005CBE38B6B857F422476F6CE8963462561E0A8AA926AEE25CA711
  Session-ID-ctx:
  Master-Key: 
89C73689FE905D803AB2589FF70FA5B0466DB3EC372333B7A22EFF03A6D60314C84AA9B6DAAF7D1D64F4882E1B463838
  Key-Arg   : None
  PSK identity: None
  PSK identity hint: None
  SRP username: None
  TLS session ticket lifetime hint: 100800 (seconds)
  TLS session ticket:
   - 82 ef b9 02 2c a1 b6 6f-a0 6c cd 1f 87 ff 3a 83   ,..o.l:.
  0010 - 6c 27 c3 3c 9b 00 91 90-72 a4 8c 34 ca 6a 45 fd   l'.

[Touch-packages] [Bug 1549709] Re: getting "unable to get local issuer certificate" for valid domains after upgrading to 20160104ubuntu0.14.04.1

[Marc Deslauriers]

The openssl tools in Ubuntu 14.04 never did use the system CA file by
default. That was fixed in later releases. So it's normal that you don't
need to specify it manually when using 15.10 for example, but do need to
specify it in 14.04.

The path to it has always been /etc/ssl/certs/ca-certificates.crt.

Are you still having issues after updating openssl and restarting your
services?

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1549709

Title:
  getting "unable to get local issuer certificate" for valid domains
  after upgrading to 20160104ubuntu0.14.04.1

Status in ca-certificates package in Ubuntu:
  Incomplete

Bug description:
  Several 14.04 servers were reporting problems connecting to different
  sites and APIs this morning.

  I'm not entirely sure, but looking at /var/log/apt/history (showing
  ca-certificates:amd64 (20141019ubuntu0.14.04.1,
  20160104ubuntu0.14.04.1)) in combination with what I believe is
  causing the connection problems made me file this bug.

  If I'm right this is probably pretty bad, since all connections initiated
  by this server checking a SSL certificate will fail and actually that's
  exactly what happened here.

  Here is an example where I check a valid ssl domain like
  www.google.com resulting in an Verify return code: 20 (unable to get
  local issuer certificate) while my non 14.04LTS-machines kept
  accepting it:

  echo | openssl s_client -connect www.google.com:443
  CONNECTED(0003)
  depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
  verify error:num=20:unable to get local issuer certificate
  verify return:0
  ---
  Certificate chain
   0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
     i:/C=US/O=Google Inc/CN=Google Internet Authority G2
   1 s:/C=US/O=Google Inc/CN=Google Internet Authority G2
     i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
   2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
     i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
  ---
  Server certificate
  -BEGIN CERTIFICATE-
  MIIEgDCCA2igAwIBAgIIXDR9H6fDVBgwDQYJKoZIhvcNAQELBQAwSTELMAkGA1UE
  BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl
  cm5ldCBBdXRob3JpdHkgRzIwHhcNMTYwMjE3MTAyMDE3WhcNMTYwNTE3MDAwMDAw
  WjBoMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
  TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEXMBUGA1UEAwwOd3d3
  Lmdvb2dsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8+Ugs
  pBXm3zFVRCA6k8DEXqpCf4Zw79y1dbgPuGHdw1NXawEvy8M4K3slQAwRBbGJO34Y
  mVQEeJRK98kJ+dBAajlKGbOkqfk7ZdPpl50zSb+OmM5As4+w1K6gWo9CPt525PyS
  /g/vdSj81XgCFQPNSLeTP2Uj6ZlXZpSyc1Ti+P6QZ/omOHtC/Lo1b9baQyQf7E7h
  MOyTh8TAqJjTeVwg50SKhjzTRiY8t94JBXMknDL0eczEMtZRt5+Fwxe0li3xg5Aw
  0bESlWU7qGluvjz+GFbSTdHfAIzYXxp86+zVvdyDTWGC5344GGtYCr5PRDNalV5o
  wBxUVe6l1VYXBKDVAgMBAAGjggFLMIIBRzAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
  KwYBBQUHAwIwGQYDVR0RBBIwEIIOd3d3Lmdvb2dsZS5jb20waAYIKwYBBQUHAQEE
  XDBaMCsGCCsGAQUFBzAChh9odHRwOi8vcGtpLmdvb2dsZS5jb20vR0lBRzIuY3J0
  MCsGCCsGAQUFBzABhh9odHRwOi8vY2xpZW50czEuZ29vZ2xlLmNvbS9vY3NwMB0G
  A1UdDgQWBBTiRG9FdyKQOTNltPaXqgJRKlSlPjAMBgNVHRMBAf8EAjAAMB8GA1Ud
  IwQYMBaAFErdBhYbvPZotXb1gba7Yhq6WoEvMCEGA1UdIAQaMBgwDAYKKwYBBAHW
  eQIFATAIBgZngQwBAgIwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n
  bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQsFAAOCAQEAIUTrfaaB+cJSk20L
  RHqDwaLWe8cyLR8Ks4Vee/ZxLQDcPuxItvlho0N+/j5ZUnU1XseyiE9yD6ezmY7e
  ChyXUlzKzMdLyvjy7/EzTViW28Czbnp/JepBUipMDhJz7EMLdvqkw2cs0BwevRkU
  6jzbQoYzOCalmWs1Mt4S8AyklbMHUjo/vOcs4+RePG9evxV0yWxCDNgLZbMckxcg
  vL4S5P8C4cY96+qhRwR/ErYHFRkuniQleLz1tEMkei5sK3tY5Sae0uTGH2Z30fs0
  RViv9SFdfjMQDMFmEabPoNermhUx9hjENfMvWqJ1r+dbDTl3ANt/feNa+d6Z3Zpz
  MUtO9Q==
  -END CERTIFICATE-
  subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
  issuer=/C=US/O=Google Inc/CN=Google Internet Authority G2
  ---
  No client certificate CA names sent
  ---
  SSL handshake has read 3727 bytes and written 421 bytes
  ---
  New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
  Server public key is 2048 bit
  Secure Renegotiation IS supported
  Compression: NONE
  Expansion: NONE
  SSL-Session:
  Protocol  : TLSv1.2
  Cipher: ECDHE-RSA-AES128-GCM-SHA256
  Session-ID: 
6635C1B245005CBE38B6B857F422476F6CE8963462561E0A8AA926AEE25CA711
  Session-ID-ctx:
  Master-Key: 
89C73689FE905D803AB2589FF70FA5B0466DB3EC372333B7A22EFF03A6D60314C84AA9B6DAAF7D1D64F4882E1B463838
  Key-Arg   : None
  PSK identity: None
  PSK identity hint: None
  SRP username: None
  TLS session ticket lifetime hint: 100800 (seconds)
  TLS session ticket:
   - 82 ef b9 02 2c a1 b6 6f-a0 6c cd 1f 87 ff 3a 83   ,..o.l:.
  0010 - 6c 27 c3 3c 9b 00 91 90-72 a4 8c 34 ca 6a 45 fd   l'.

[Touch-packages] [Bug 1550643] Re: Please backport OpenSSL SNI signature algorithms fix.

[Marc Deslauriers]

** Also affects: openssl (Ubuntu Trusty)
   Importance: Undecided
   Status: New

** Also affects: openssl (Ubuntu Precise)
   Importance: Undecided
   Status: New

** Changed in: openssl (Ubuntu Precise)
   Status: New => Confirmed

** Changed in: openssl (Ubuntu Trusty)
   Status: New => Confirmed

** Changed in: openssl (Ubuntu Precise)
   Importance: Undecided => Medium

** Changed in: openssl (Ubuntu Trusty)
   Importance: Undecided => Medium

** Changed in: openssl (Ubuntu Precise)
 Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: openssl (Ubuntu Trusty)
 Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: openssl (Ubuntu)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1550643

Title:
  Please backport OpenSSL SNI signature algorithms fix.

Status in openssl package in Ubuntu:
  Fix Released
Status in openssl source package in Precise:
  Confirmed
Status in openssl source package in Trusty:
  Confirmed

Bug description:
  If an OpenSSL consumer uses SSL_set_SSL_CTX (very commonly done with
  SNI), OpenSSL 1.0.1i and earlier lose internal state relating to TLS
  1.2 which causes it to forget the peer's digest preferences. The end
  result is such servers will *only* sign SHA-1 ServerKeyExchanges in
  TLS 1.2, even if the peer advertises other hashes or even doesn't
  advertise SHA-1 at all.

  See:
  https://rt.openssl.org/Ticket/Display.html?id=3560
  https://bugzilla.redhat.com/show_bug.cgi?id=1150033
  
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4e05aedbcab7f7f83a887e952ebdcc5d4f2291e4
  http://www.ietf.org/mail-archive/web/tls/current/msg19195.html

  Glancing at packages.ubuntu.com, this seems to affect Ubuntu vivid and
  below. It would be greatly appreciated if you would backport this fix
  to all applicable releases so Ubuntu servers do not become the
  limiting factor in someday removing SHA-1 here.

  The links above should have reproduction steps you can use to confirm
  the bug and test the fix. (Note that it requires a build of OpenSSL
  1.0.2 to confirm the bug. OpenSSL 1.0.1's s_client doesn't print the
  necessary information.)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1550643/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1550423] Re: ERR_SSL_PROTOCOL_ERROR

[Marc Deslauriers]

Chrome 45 is too old. You need to update to Chrome 47 or later,
preferably to the current version, Chrome 48.

I am closing this bug as running an old version of Chrome is not
supported.

** Changed in: nss (Ubuntu)
   Status: Incomplete => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to nss in Ubuntu.
https://bugs.launchpad.net/bugs/1550423

Title:
  ERR_SSL_PROTOCOL_ERROR

Status in nss package in Ubuntu:
  Won't Fix

Bug description:
  After update of ca-certicates chrome give me this error

  SSL connection error

  ERR_SSL_PROTOCOL_ERROR
  Hide details
  Unable to make a secure connection to the server. This may be a problem with 
the server, or it may be requiring a client authentication certificate that you 
don't have.

  ProblemType: Bug
  DistroRelease: Ubuntu 15.10
  Package: ca-certificates 20160104ubuntu0.15.10.1
  ProcVersionSignature: Ubuntu 4.2.0-30.35-generic 4.2.8-ckt3
  Uname: Linux 4.2.0-30-generic x86_64
  ApportVersion: 2.19.1-0ubuntu5
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Fri Feb 26 18:16:06 2016
  InstallationDate: Installed on 2014-03-31 (696 days ago)
  InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Daily amd64 (20140331)
  PackageArchitecture: all
  SourcePackage: ca-certificates
  SystemImageInfo: Error: command ['system-image-cli', '-i'] failed with exit 
code 2:
  UpgradeStatus: Upgraded to wily on 2015-09-19 (160 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1550423/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1528645] Re: Please update ca-certificates on Trusty

[Marc Deslauriers]

You need to restart everything that uses libssl, perhaps only the web
server, you'll see when you try it.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1528645

Title:
  Please update ca-certificates on Trusty

Status in ca-certificates package in Ubuntu:
  Fix Released
Status in ca-certificates source package in Precise:
  Fix Released
Status in ca-certificates source package in Trusty:
  Fix Released
Status in ca-certificates source package in Wily:
  Fix Released
Status in ca-certificates source package in Xenial:
  Fix Released

Bug description:
  Hi
  The ca-certificates package on Trusty is quite out of date, would it be 
possible for someone to update the package to the version from Xenial?

  ProblemType: Bug
  DistroRelease: Ubuntu 15.10
  Package: ca-certificates 20150426ubuntu1
  ProcVersionSignature: Ubuntu 4.2.0-18.22-generic 4.2.3
  Uname: Linux 4.2.0-18-generic x86_64
  NonfreeKernelModules: wl
  ApportVersion: 2.19.1-0ubuntu5
  Architecture: amd64
  CurrentDesktop: KDE
  Date: Tue Dec 22 18:57:08 2015
  InstallationDate: Installed on 2015-10-05 (78 days ago)
  InstallationMedia: Kubuntu 15.10 "Wily Werewolf" - Alpha amd64 (20150825.1)
  PackageArchitecture: all
  SourcePackage: ca-certificates
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1528645/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1550423] Re: ERR_SSL_PROTOCOL_ERROR

[Marc Deslauriers]

What version of Chrome are you running?

** Package changed: ca-certificates (Ubuntu) => nss (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1550423

Title:
  ERR_SSL_PROTOCOL_ERROR

Status in nss package in Ubuntu:
  Incomplete

Bug description:
  After update of ca-certicates chrome give me this error

  SSL connection error

  ERR_SSL_PROTOCOL_ERROR
  Hide details
  Unable to make a secure connection to the server. This may be a problem with 
the server, or it may be requiring a client authentication certificate that you 
don't have.

  ProblemType: Bug
  DistroRelease: Ubuntu 15.10
  Package: ca-certificates 20160104ubuntu0.15.10.1
  ProcVersionSignature: Ubuntu 4.2.0-30.35-generic 4.2.8-ckt3
  Uname: Linux 4.2.0-30-generic x86_64
  ApportVersion: 2.19.1-0ubuntu5
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Fri Feb 26 18:16:06 2016
  InstallationDate: Installed on 2014-03-31 (696 days ago)
  InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Daily amd64 (20140331)
  PackageArchitecture: all
  SourcePackage: ca-certificates
  SystemImageInfo: Error: command ['system-image-cli', '-i'] failed with exit 
code 2:
  UpgradeStatus: Upgraded to wily on 2015-09-19 (160 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1550423/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1528645] Re: Please update ca-certificates on Trusty

[Marc Deslauriers]

Did you restart your server after the update in order to use the new
version of libssl?

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1528645

Title:
  Please update ca-certificates on Trusty

Status in ca-certificates package in Ubuntu:
  Fix Released
Status in ca-certificates source package in Precise:
  Fix Released
Status in ca-certificates source package in Trusty:
  Fix Released
Status in ca-certificates source package in Wily:
  Fix Released
Status in ca-certificates source package in Xenial:
  Fix Released

Bug description:
  Hi
  The ca-certificates package on Trusty is quite out of date, would it be 
possible for someone to update the package to the version from Xenial?

  ProblemType: Bug
  DistroRelease: Ubuntu 15.10
  Package: ca-certificates 20150426ubuntu1
  ProcVersionSignature: Ubuntu 4.2.0-18.22-generic 4.2.3
  Uname: Linux 4.2.0-18-generic x86_64
  NonfreeKernelModules: wl
  ApportVersion: 2.19.1-0ubuntu5
  Architecture: amd64
  CurrentDesktop: KDE
  Date: Tue Dec 22 18:57:08 2015
  InstallationDate: Installed on 2015-10-05 (78 days ago)
  InstallationMedia: Kubuntu 15.10 "Wily Werewolf" - Alpha amd64 (20150825.1)
  PackageArchitecture: all
  SourcePackage: ca-certificates
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1528645/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1517040] Re: wpa 2.4 misses one patch from Debian to improve 2.4/5 GHz AP selection

[Marc Deslauriers]

ACK on the debdiff in comment #1, uploading now. Thanks!

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to wpa in Ubuntu.
https://bugs.launchpad.net/bugs/1517040

Title:
  wpa 2.4 misses one patch from Debian to improve 2.4/5 GHz AP selection

Status in wpa package in Ubuntu:
  New
Status in wpa package in Debian:
  Fix Released

Bug description:
  Debian's 2.3 has four cherry-picked commits
  (https://tracker.debian.org/news/710475):

    
https://w1.fi/cgit/hostap/commit/wpa_supplicant/scan.c?id=f0d0a5d23bd406a60358add9fa101b49dc9f9039
    
https://w1.fi/cgit/hostap/commit/wpa_supplicant/scan.c?id=a1b790eb9d7514d1a6e0582a07f695a1564caa59
    
https://w1.fi/cgit/hostap/commit/wpa_supplicant/scan.c?id=8b2b718da9884d66684befe99d1fbdd9abe5fb5e
    
https://w1.fi/cgit/hostap/commit/wpa_supplicant/scan.c?id=aa517ae22784aff08d3d9e38ad101b4b5c9828fb

  Only the
  
https://w1.fi/cgit/hostap/commit/wpa_supplicant/scan.c?id=aa517ae22784aff08d3d9e38ad101b4b5c9828fb
  is missing from Ubuntu's wpa 2.4.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/1517040/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1532648] Re: Please merge openldap 2.4.42+dfsg-2 (main) from Debian testing (main)

[Marc Deslauriers]

Merge looks good. Uploading. Thanks!

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1532648

Title:
  Please merge openldap 2.4.42+dfsg-2 (main) from Debian testing (main)

Status in openldap package in Ubuntu:
  Confirmed

Bug description:
  Please merge openldap 2.4.42+dfsg-2 (main) from Debian testing (main)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1532648/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1451438] Re: graphite2 fails to build in trusty on i386

[Marc Deslauriers]

Fixed in (1.2.4-1ubuntu1.1).

** Changed in: graphite2 (Ubuntu Trusty)
   Status: New => Fix Released

** Changed in: graphite2 (Ubuntu)
   Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to graphite2 in Ubuntu.
https://bugs.launchpad.net/bugs/1451438

Title:
  graphite2 fails to build in trusty on i386

Status in graphite2 package in Ubuntu:
  Fix Released
Status in graphite2 source package in Trusty:
  Fix Released

Bug description:
  seen in a test rebuild at
  https://launchpad.net/ubuntu/+archive/test-rebuild-20150317/+build/7074792

  and confirmed in a plain trusty environment.

  make[5]: Entering directory `/home/doko/tmp/graphite2-1.2.4/build'
  /usr/bin/cmake -E cmake_progress_report 
/home/doko/tmp/graphite2-1.2.4/build/CMakeFiles 2
  [ 33%] Generating manual.pdf
  cd /home/doko/tmp/graphite2-1.2.4/build/doc && /usr/bin/a2x --icons -D 
/home/doko/tmp/graphite2-1.2.4/build/doc 
/home/doko/tmp/graphite2-1.2.4/doc/manual.txt
  a2x: WARNING: --destination-dir option is only applicable to HTML based 
outputs
  /usr/bin/cmake -E cmake_progress_report 
/home/doko/tmp/graphite2-1.2.4/build/CMakeFiles 3
  [ 66%] Generating manual.html
  cd /home/doko/tmp/graphite2-1.2.4/build/doc && /usr/bin/a2x -f xhtml --icons 
-D /home/doko/tmp/graphite2-1.2.4/build/doc 
/home/doko/tmp/graphite2-1.2.4/doc/manual.txt
  a2x: ERROR: missing resource: 
/home/doko/tmp/graphite2-1.2.4/doc/images/icons/callouts/1.png
  make[5]: *** [doc/manual.html] Error 1
  make[5]: Leaving directory `/home/doko/tmp/graphite2-1.2.4/build'
  make[4]: *** [doc/CMakeFiles/docs.dir/all] Error 2
  make[4]: Leaving directory `/home/doko/tmp/graphite2-1.2.4/build'
  make[3]: *** [doc/CMakeFiles/docs.dir/rule] Error 2
  make[3]: Leaving directory `/home/doko/tmp/graphite2-1.2.4/build'
  make[2]: *** [docs] Error 2
  make[2]: Leaving directory `/home/doko/tmp/graphite2-1.2.4/build'

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/graphite2/+bug/1451438/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1546459] Re: segfault at b774bd9d ip b7352a0d sp bfda8f30 error 7 in libresolv-2.19.so[b7349000+13000]

[Marc Deslauriers]

How are you installing this? What image are you using?

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to eglibc in Ubuntu.
https://bugs.launchpad.net/bugs/1546459

Title:
  segfault at b774bd9d ip b7352a0d sp bfda8f30 error 7 in
  libresolv-2.19.so[b7349000+13000]

Status in eglibc package in Ubuntu:
  Confirmed

Bug description:
  During the installation of Ubuntu Linux happens error:
  segfault at b774bd9d ip b7352a0d sp bfda8f30 error 7 in 
libresolv-2.19.so[b7349000+13000]

  Package: libc6-udeb_2.19-0ubuntu6.7_i386.udeb
  Kernel: Kernel 
http://security.ubuntu.com/ubuntu/dists/trusty-updates/main/installer-i386/20101020ubuntu318.36/images/netboot/ubuntu-installer/i386/linux

  BusyBox v1.21.1 (Ubuntu 1:1.21.0-1ubuntu1)
  Linux version 3.13.0-77-generic (buildd@lcy01-35) (gcc version 4.8.2 (Ubuntu 
4.8.2-19ubuntu1) ) #121-Ubuntu SMP Wed Jan 20 10:50:59 UTC 2016 (Ubuntu 
3.13.0-77.121-generic 3.13.11-ckt32)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/1546459/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1547147] Re: libnss3-dev adds epoch 2 to the Version in pkg-config's pc file

[Marc Deslauriers]

Confirmed, the epoch wasn't supposed to get bumped in precise.

** Also affects: nss (Ubuntu Precise)
   Importance: Undecided
   Status: New

** Changed in: nss (Ubuntu Precise)
   Status: New => Confirmed

** Changed in: nss (Ubuntu Precise)
 Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: nss (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to nss in Ubuntu.
https://bugs.launchpad.net/bugs/1547147

Title:
  libnss3-dev  adds epoch 2 to the Version in pkg-config's pc file

Status in nss package in Ubuntu:
  Invalid
Status in nss source package in Precise:
  Confirmed

Bug description:
  Update 2:3.21-0ubuntu0.12.04.1 in Precise bumps the epoch of the
  package.

  However, nss.pc contains:

  Version: 2:3.21

  
  This breaks detection of the version.

  for example, NetworkManager's configure.ac has
  PKG_CHECK_MODULES(NSS, [nss >= 3.11])

  
  With this change, it results in a configure-failure:

  
  checking for NSS... no
  configure: error: Package requirements (nss >= 3.11) were not met:
  Requested 'nss >= 3.11' but version of NSS is 2:3.21


  
  For example Debian also has an epoch of #2, but nss.pc doesn't contain the 
epoch there:

  $ grep Version /usr/lib/x86_64-linux-gnu/pkgconfig/nss.pc
  Version: 3.21

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1547147/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1546459] Re: segfault at b774bd9d ip b7352a0d sp bfda8f30 error 7 in libresolv-2.19.so[b7349000+13000]

[Marc Deslauriers]

I can reproduce this issue with the mini.iso from the release version of
14.04.

Could you please try again with the newer mini.iso from trusty-updates
(available here:)

http://archive.ubuntu.com/ubuntu/dists/trusty-updates/main/installer-amd64/current/images/netboot/mini.iso
http://archive.ubuntu.com/ubuntu/dists/trusty-updates/main/installer-i386/current/images/netboot/mini.iso

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to eglibc in Ubuntu.
https://bugs.launchpad.net/bugs/1546459

Title:
  segfault at b774bd9d ip b7352a0d sp bfda8f30 error 7 in
  libresolv-2.19.so[b7349000+13000]

Status in eglibc package in Ubuntu:
  Confirmed

Bug description:
  During the installation of Ubuntu Linux happens error:
  segfault at b774bd9d ip b7352a0d sp bfda8f30 error 7 in 
libresolv-2.19.so[b7349000+13000]

  Package: libc6-udeb_2.19-0ubuntu6.7_i386.udeb
  Kernel: Kernel 
http://security.ubuntu.com/ubuntu/dists/trusty-updates/main/installer-i386/20101020ubuntu318.36/images/netboot/ubuntu-installer/i386/linux

  BusyBox v1.21.1 (Ubuntu 1:1.21.0-1ubuntu1)
  Linux version 3.13.0-77-generic (buildd@lcy01-35) (gcc version 4.8.2 (Ubuntu 
4.8.2-19ubuntu1) ) #121-Ubuntu SMP Wed Jan 20 10:50:59 UTC 2016 (Ubuntu 
3.13.0-77.121-generic 3.13.11-ckt32)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/1546459/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1444656] Re: GnuTLS TLS 1.2 handshake failure

[Marc Deslauriers]

It looks like the servers listed in the bug description require SIGN-
RSA-SHA384, which gnutls26 doesn't support.

The issue can be reproduced with gnutls28 by disabling the additional
signature algorithms:

gnutls-cli --priority "NORMAL:-SIGN-ECDSA-SHA256:-SIGN-RSA-SHA384:-SIGN-
ECDSA-SHA384:-SIGN-RSA-SHA512:-SIGN-ECDSA-SHA512:-SIGN-RSA-SHA224:-SIGN-
DSA-SHA224:-SIGN-ECDSA-SHA224:-SIGN-ECDSA-SHA1" -d 256 sequencewiz.com

Fixing this likely requires at least the following commit to be
backported:

https://gitlab.com/gnutls/gnutls/commit/75b493132239e824d671f4b09d1dfd0f7ca6a8b1

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gnutls26 in Ubuntu.
https://bugs.launchpad.net/bugs/1444656

Title:
  GnuTLS TLS 1.2 handshake failure

Status in gnutls26 package in Ubuntu:
  Invalid
Status in gnutls26 source package in Trusty:
  Triaged

Bug description:
  I'm experiencing the same issue as here:

  http://comments.gmane.org/gmane.network.gnutls.general/3713

  
  I came across a SSL handshake problem with gnutls-cli when connecting to 
  some websites, see below. It is somehow specific to gnutls as 
  openssl/Chrome/Firefox can connect fine. 

  Is this is a bug in gnutls or do you have any ideas how to
  troubleshoot it?

  $ gnutls-cli --version
  gnutls-cli (GnuTLS) 2.12.23
  Packaged by Debian (2.12.23-12ubuntu2.1)

  $ gnutls-cli www.openlearning.com
  Resolving 'www.openlearning.com'...
  Connecting to '119.9.9.205:443'...
  *** Fatal error: A TLS fatal alert has been received.
  *** Received alert [40]: Handshake failed
  *** Handshake has failed
  GnuTLS error: A TLS fatal alert has been received.

  $ gnutls-cli sequencewiz.com
  Resolving 'sequencewiz.com'...
  Connecting to '50.112.144.117:443'...
  *** Fatal error: A TLS packet with unexpected length was received.
  *** Handshake has failed
  GnuTLS error: A TLS packet with unexpected length was received.

  Thank you,

  
  Please back port the latest GnuTLS to Trusty as it is an LTS release and 
clearly GnuTLS 2.12 is an old branch.

  I've also attached packet captures of this.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1444656/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1554935] Re: package libandroid-properties1 0.1.0+git20131207+e452e83-0ubuntu40~gcc5.1 failed to install/upgrade: package libandroid-properties1 is already installed and configur

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libhybris in Ubuntu.
https://bugs.launchpad.net/bugs/1554935

Title:
  package libandroid-properties1
  0.1.0+git20131207+e452e83-0ubuntu40~gcc5.1 failed to install/upgrade:
  package libandroid-properties1 is already installed and configured

Status in libhybris package in Ubuntu:
  New

Bug description:
  ???

  ProblemType: Package
  DistroRelease: Ubuntu 15.10
  Package: libandroid-properties1 0.1.0+git20131207+e452e83-0ubuntu40~gcc5.1
  ProcVersionSignature: Ubuntu 4.2.0-30.36-generic 4.2.8-ckt3
  Uname: Linux 4.2.0-30-generic x86_64
  ApportVersion: 2.19.1-0ubuntu5
  AptdaemonVersion: 1.1.1+bzr982-0ubuntu14
  Architecture: amd64
  CrashReports:
   640:0:115:2126100:2016-03-09 13:56:51.501971960 +0700:2016-03-09 
13:56:52.501971960 +0700:/var/crash/liboxideqtquick0:amd64.0.crash
   640:0:115:319831:2016-03-09 12:28:52.275421142 +0700:2016-03-09 
12:28:53.275421142 +0700:/var/crash/liboxideqtcore0:amd64.0.crash
   644:0:115:0:2016-03-09 13:56:55.594081377 +0700:2016-03-09 
13:56:55.594081377 +0700:/var/crash/liboxideqtquick0:amd64.0.upload
   640:0:115:319424:2016-03-09 12:28:53.207418680 +0700:2016-03-09 
12:28:54.207418680 +0700:/var/crash/libandroid-properties1.0.crash
  Date: Wed Mar  9 12:28:53 2016
  Dependencies:
   gcc-5-base 5.2.1-22ubuntu2
   libc6 2.21-0ubuntu4.1
   libgcc1 1:5.2.1-22ubuntu2
  DuplicateSignature: 
package:libandroid-properties1:0.1.0+git20131207+e452e83-0ubuntu40~gcc5.1:package
 libandroid-properties1 is already installed and configured
  ErrorMessage: package libandroid-properties1 is already installed and 
configured
  InstallationDate: Installed on 2016-03-09 (0 days ago)
  InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Release amd64 (20151021)
  RelatedPackageVersions:
   dpkg 1.18.2ubuntu5.1
   apt  1.0.10.2ubuntu1
  SourcePackage: libhybris
  Title: package libandroid-properties1 
0.1.0+git20131207+e452e83-0ubuntu40~gcc5.1 failed to install/upgrade: package 
libandroid-properties1 is already installed and configured
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libhybris/+bug/1554935/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1543070] Re: Security breach: bubble displays message preview when screen is unlocked

[Marc Deslauriers]

** Changed in: messaging-app (Ubuntu)
   Status: New => Triaged

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to messaging-app in Ubuntu.
https://bugs.launchpad.net/bugs/1543070

Title:
  Security breach: bubble displays message preview when screen is
  unlocked

Status in messaging-app package in Ubuntu:
  Triaged

Bug description:
  This is not a proper bug in the software behaviour, but an important 
functional security breach.
  Nowadays we use the phone to validate our bank transactions, to double step 
login, etc. We receive a secret code in the phone so we can authenticate the 
transaction, or validate ourselves as the right person using it.
  But when doing a bank transference or any other secure operation that 
requires my phone to validate it, surprisingly, anyone holding my phone in the 
moment the message is received, can see the secret code, and then do a 
fraudulent operation with my phone without even unlocking the screen.

  Thanks.

  Device: Smartphone BQ Aquaris 4.5E 
  O.S.: Ubuntu Phone 

  phablet@ubuntu-phablet:~$ lsb_release -rd
  Description:Ubuntu 15.04
  Release:15.04
  phablet@ubuntu-phablet:~$

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/messaging-app/+bug/1543070/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1558114] Re: package libpam-modules 1.1.8-3.1ubuntu3.1 failed to install/upgrade: trying to overwrite shared '/usr/share/man/man8/pam_unix.8.gz', which is different from other in

[Marc Deslauriers]

** Also affects: pam (Ubuntu Precise)
   Importance: Undecided
   Status: New

** Also affects: pam (Ubuntu Xenial)
   Importance: Critical
 Assignee: Marc Deslauriers (mdeslaur)
   Status: Triaged

** Changed in: pam (Ubuntu Precise)
   Status: New => Triaged

** Changed in: pam (Ubuntu Precise)
   Importance: Undecided => Critical

** Changed in: pam (Ubuntu Precise)
 Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: pam (Ubuntu Trusty)
 Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: pam (Ubuntu Wily)
 Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/1558114

Title:
  package libpam-modules 1.1.8-3.1ubuntu3.1 failed to install/upgrade:
  trying to overwrite shared '/usr/share/man/man8/pam_unix.8.gz', which
  is different from other instances of package libpam-modules:i386

Status in pam package in Ubuntu:
  Triaged
Status in pam source package in Precise:
  Triaged
Status in pam source package in Trusty:
  Triaged
Status in pam source package in Wily:
  Triaged
Status in pam source package in Xenial:
  Triaged

Bug description:
  E: /var/cache/apt/archives/libpam-modules_1.1.8-3.1ubuntu3.1_i386.deb:
  trying to overwrite shared '/usr/share/man/man8/pam_unix.8.gz', which
  is different from other instances of package libpam-modules:i386

  ProblemType: Package
  DistroRelease: Ubuntu 15.10
  Package: libpam-modules 1.1.8-3.1ubuntu3.1
  ProcVersionSignature: Ubuntu 4.2.0-34.39-generic 4.2.8-ckt4
  Uname: Linux 4.2.0-34-generic x86_64
  NonfreeKernelModules: nvidia_uvm nvidia_modeset nvidia
  ApportVersion: 2.19.1-0ubuntu5
  Architecture: amd64
  Date: Wed Mar 16 10:47:24 2016
  DuplicateSignature: package:libpam-modules:1.1.8-3.1ubuntu3.1:trying to 
overwrite shared '/usr/share/man/man8/pam_unix.8.gz', which is different from 
other instances of package libpam-modules:i386
  ErrorMessage: trying to overwrite shared '/usr/share/man/man8/pam_unix.8.gz', 
which is different from other instances of package libpam-modules:i386
  InstallationDate: Installed on 2013-03-15 (1097 days ago)
  InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Alpha amd64 (20130314)
  RelatedPackageVersions:
   dpkg 1.18.2ubuntu5.1
   apt  1.0.10.2ubuntu1
  SourcePackage: pam
  Title: package libpam-modules 1.1.8-3.1ubuntu3.1 failed to install/upgrade: 
trying to overwrite shared '/usr/share/man/man8/pam_unix.8.gz', which is 
different from other instances of package libpam-modules:i386
  UpgradeStatus: Upgraded to wily on 2015-10-23 (145 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1558114/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1566279] Re: python2.7 crashed with SIGSEGV

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to python2.7 in Ubuntu.
https://bugs.launchpad.net/bugs/1566279

Title:
  python2.7 crashed with SIGSEGV

Status in python2.7 package in Ubuntu:
  New

Bug description:
  Ubuntu 16.04 AMD64 Desktop

  ProblemType: Crash
  DistroRelease: Ubuntu 16.04
  Package: python2.7-minimal 2.7.11-7
  ProcVersionSignature: Ubuntu 4.4.0-17.33-generic 4.4.6
  Uname: Linux 4.4.0-17-generic x86_64
  ApportVersion: 2.20.1-0ubuntu1
  Architecture: amd64
  Date: Mon Apr  4 19:13:09 2016
  ExecutablePath: /usr/bin/python2.7
  InstallationDate: Installed on 2016-04-04 (0 days ago)
  InstallationMedia: Ubuntu 16.04 LTS "Xenial Xerus" - Beta amd64 (20160323)
  ProcCmdline: python ubuntu-after-install.py
  ProcEnviron:
   PATH=(custom, no user)
   LANG=en_US.UTF-8
   LANGUAGE=en_US
   SHELL=/bin/bash
   TERM=unknown
  Signal: 11
  SourcePackage: python2.7
  StacktraceTop:
   ?? ()
   ?? () from /usr/lib/x86_64-linux-gnu/libgtk-3.so.0
   ?? () from /usr/lib/x86_64-linux-gnu/libgtk-3.so.0
   ?? () from /usr/lib/x86_64-linux-gnu/libgtk-3.so.0
   ?? () from /usr/lib/x86_64-linux-gnu/libgtk-3.so.0
  Title: python2.7 crashed with SIGSEGV
  UpgradeStatus: No upgrade log present (probably fresh install)
  UserGroups:

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python2.7/+bug/1566279/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1567631] Re: [HDA-Intel - HDA Intel PCH, playback] Playback problem

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to alsa-driver in Ubuntu.
https://bugs.launchpad.net/bugs/1567631

Title:
  [HDA-Intel - HDA Intel PCH, playback] Playback problem

Status in alsa-driver package in Ubuntu:
  New

Bug description:
  No fone de ouvido funciona, menos nos altos falantes do notebook!

  ProblemType: Bug
  DistroRelease: Ubuntu 12.04
  Package: alsa-base 1.0.25+dfsg-0ubuntu1.1
  ProcVersionSignature: Ubuntu 3.5.0-61.90-generic 3.5.7.33
  Uname: Linux 3.5.0-61-generic x86_64
  AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.25.
  AplayDevices:
    List of PLAYBACK Hardware Devices 
   card 1: PCH [HDA Intel PCH], device 0: HDA Generic [HDA Generic]
 Subdevices: 1/1
 Subdevice #0: subdevice #0
  ApportVersion: 2.0.1-0ubuntu17.13
  Architecture: amd64
  ArecordDevices:
    List of CAPTURE Hardware Devices 
   card 1: PCH [HDA Intel PCH], device 0: HDA Generic [HDA Generic]
 Subdevices: 1/1
 Subdevice #0: subdevice #0
  AudioDevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/controlC1:  judicele   1873 F pulseaudio
  Card0.Amixer.info:
   Card hw:0 'Intel'/'HDA Intel at 0xf7e14000 irq 60'
 Mixer name : 'Generic  ID 0'
 Components : 'HDA:,80860101,0010'
 Controls  : 0
 Simple ctrls  : 0
  Card0.Amixer.values:
   
  Card1.Amixer.info:
   Card hw:1 'PCH'/'HDA Intel PCH at 0xf7e1 irq 60'
 Mixer name : 'Realtek ID 255'
 Components : 'HDA:10ec0255,10280651,0012'
 Controls  : 4
 Simple ctrls  : 3
  Date: Thu Apr  7 16:29:17 2016
  DistributionChannelDescriptor:
   # This is a distribution channel descriptor
   # For more information see 
http://wiki.ubuntu.com/DistributionChannelDescriptor
   canonical-oem-somerville-precise-amd64-20130203-1
  InstallationMedia: Ubuntu 12.04 "Precise" - Build amd64 LIVE Binary 
20130203-13:50
  MarkForUpload: True
  PackageArchitecture: all
  SourcePackage: alsa-driver
  Symptom: audio
  Symptom_AlsaPlaybackTest: ALSA playback test through plughw:PCH failed
  Symptom_Card: Áudio interno - HDA Intel PCH
  Symptom_Type: None of the above
  Title: [HDA-Intel - HDA Intel PCH, playback] Playback problem
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 11/03/2015
  dmi.bios.vendor: Dell Inc.
  dmi.bios.version: A10
  dmi.board.name: 0WVGRF
  dmi.board.vendor: Dell Inc.
  dmi.board.version: A10
  dmi.chassis.type: 8
  dmi.chassis.vendor: Dell Inc.
  dmi.chassis.version: Not Specified
  dmi.modalias: 
dmi:bvnDellInc.:bvrA10:bd11/03/2015:svnDellInc.:pnInspiron3542:pvrNotSpecified:rvnDellInc.:rn0WVGRF:rvrA10:cvnDellInc.:ct8:cvrNotSpecified:
  dmi.product.name: Inspiron 3542
  dmi.product.version: Not Specified
  dmi.sys.vendor: Dell Inc.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/1567631/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1567343] Re: I am just trying to help you !

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1567343

Title:
  I am just trying to help you !

Status in xorg package in Ubuntu:
  New

Bug description:
  I don't know :\

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: xorg 1:7.7+1ubuntu8.1
  ProcVersionSignature: Ubuntu 3.19.0-58.64~14.04.1-generic 3.19.8-ckt16
  Uname: Linux 3.19.0-58-generic x86_64
  NonfreeKernelModules: wl
  ApportVersion: 2.14.1-0ubuntu3.19
  Architecture: amd64
  CompizPlugins: No value set for 
`/apps/compiz-1/general/screen0/options/active_plugins'
  CompositorRunning: None
  Date: Thu Apr  7 13:26:31 2016
  DistUpgraded: Fresh install
  DistroCodename: trusty
  DistroVariant: ubuntu
  DkmsStatus: bcmwl, 6.30.223.248+bdcom, 3.19.0-58-generic, x86_64: installed
  GraphicsCard:
   Intel Corporation 3rd Gen Core processor Graphics Controller [8086:0166] 
(rev 09) (prog-if 00 [VGA controller])
 Subsystem: Apple Inc. Device [106b:00fd]
  InstallationDate: Installed on 2016-04-06 (0 days ago)
  InstallationMedia: Ubuntu-GNOME 14.04.3 LTS "Trusty Tahr" - Beta amd64 
(20150805)
  MachineType: Apple Inc. MacBookAir5,1
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.19.0-58-generic.efi.signed 
root=UUID=ebfe7dba-2911-4959-836c-c22d09e96d2e ro quiet splash vt.handoff=7
  SourcePackage: xorg
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 09/11/2015
  dmi.bios.vendor: Apple Inc.
  dmi.bios.version: MBA51.88Z.00EF.B04.1509111654
  dmi.board.asset.tag: Base Board Asset Tag#
  dmi.board.name: Mac-66F35F19FE2A0D05
  dmi.board.vendor: Apple Inc.
  dmi.board.version: MacBookAir5,1
  dmi.chassis.type: 10
  dmi.chassis.vendor: Apple Inc.
  dmi.chassis.version: Mac-66F35F19FE2A0D05
  dmi.modalias: 
dmi:bvnAppleInc.:bvrMBA51.88Z.00EF.B04.1509111654:bd09/11/2015:svnAppleInc.:pnMacBookAir5,1:pvr1.0:rvnAppleInc.:rnMac-66F35F19FE2A0D05:rvrMacBookAir5,1:cvnAppleInc.:ct10:cvrMac-66F35F19FE2A0D05:
  dmi.product.name: MacBookAir5,1
  dmi.product.version: 1.0
  dmi.sys.vendor: Apple Inc.
  version.compiz: compiz N/A
  version.ia32-libs: ia32-libs N/A
  version.libdrm2: libdrm2 2.4.64-1~ubuntu14.04.1
  version.libgl1-mesa-dri: libgl1-mesa-dri N/A
  version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A
  version.libgl1-mesa-glx: libgl1-mesa-glx N/A
  version.xserver-xorg-core: xserver-xorg-core N/A
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A
  version.xserver-xorg-video-ati: xserver-xorg-video-ati N/A
  version.xserver-xorg-video-intel: xserver-xorg-video-intel N/A
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau N/A
  xserver.bootTime: Thu Apr  7 13:25:26 2016
  xserver.configfile: default
  xserver.errors:
   
  xserver.logfile: /var/log/Xorg.0.log
  xserver.outputs:
   product id   40178 
   vendor APP
  xserver.version: 2:1.17.1-0ubuntu3.1~trusty1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1567343/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1565551] Re: webapp-container crashed with SIGSEGV in malloc_consolidate()

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to webbrowser-app in Ubuntu.
https://bugs.launchpad.net/bugs/1565551

Title:
  webapp-container crashed with SIGSEGV in malloc_consolidate()

Status in webbrowser-app package in Ubuntu:
  New

Bug description:
  amazon app. It just crashed I don't know why. After it crashed the bug
  reporter came up.

  ProblemType: Crash
  DistroRelease: Ubuntu 16.04
  Package: webapp-container 0.23+16.04.20160322-0ubuntu1
  ProcVersionSignature: Ubuntu 4.4.0-16.32-generic 4.4.6
  Uname: Linux 4.4.0-16-generic x86_64
  ApportVersion: 2.20.1-0ubuntu1
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Sun Apr  3 16:36:39 2016
  ExecutablePath: /usr/bin/webapp-container
  InstallationDate: Installed on 2016-03-28 (6 days ago)
  InstallationMedia: Ubuntu 16.04 LTS "Xenial Xerus" - Beta amd64 (20160323)
  ProcCmdline: webapp-container --app-id=ubuntu-amazon-default --webapp 
--enable-back-forward http://www.amazon.com/?tag=u1webapp-20
  ProcEnviron:
   PATH=(custom, no user)
   SHELL=/bin/bash
   LANG=en_US.UTF-8
   LANGUAGE=en_US
   XDG_RUNTIME_DIR=
  SegvAnalysis:
   Segfault happened at: 0x7fa8e6952738 :   mov
0x8(%rbx),%rax
   PC (0x7fa8e6952738) ok
   source "0x8(%rbx)" (0x7fa80008) not located in a known VMA region 
(needed readable region)!
   destination "%rax" ok
   Stack memory exhausted (SP below stack segment)
  SegvReason: reading unknown VMA
  Signal: 11
  SourcePackage: webbrowser-app
  StacktraceTop:
   malloc_consolidate (av=av@entry=0x7fa8b020) at malloc.c:4168
   _int_malloc (av=av@entry=0x7fa8b020, bytes=bytes@entry=1080) at 
malloc.c:3451
   __GI___libc_malloc (bytes=1080) at malloc.c:2914
   operator new(unsigned long) () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
   ?? () from /usr/lib/x86_64-linux-gnu/libOxideQtCore.so.0
  Title: webapp-container crashed with SIGSEGV in malloc_consolidate()
  UpgradeStatus: No upgrade log present (probably fresh install)
  UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/webbrowser-app/+bug/1565551/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1565626] Re: tracker-miner-fs crashed with SIGSEGV in up_exported_daemon_get_on_battery()

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tracker in Ubuntu.
https://bugs.launchpad.net/bugs/1565626

Title:
  tracker-miner-fs crashed with SIGSEGV in
  up_exported_daemon_get_on_battery()

Status in tracker package in Ubuntu:
  New

Bug description:
  UBUNTU BAGS

  ProblemType: Crash
  DistroRelease: Ubuntu 16.04
  Package: tracker-miner-fs 1.6.2-0ubuntu1
  ProcVersionSignature: Ubuntu 4.4.0-16.32-generic 4.4.6
  Uname: Linux 4.4.0-16-generic i686
  ApportVersion: 2.20-0ubuntu3
  Architecture: i386
  CurrentDesktop: Unity
  Date: Mon Apr  4 08:41:34 2016
  ExecutablePath: /usr/lib/tracker/tracker-miner-fs
  InstallationDate: Installed on 2016-03-31 (3 days ago)
  InstallationMedia: Ubuntu 16.04 LTS "Xenial Xerus" - Beta i386 (20160331)
  ProcCmdline: /usr/lib/tracker/tracker-miner-fs
  ProcEnviron:
   LANGUAGE=ru
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=ru_RU.UTF-8
   SHELL=/bin/bash
  SegvAnalysis:
   Segfault happened at: 0xb737f77d : 
pushl  (%esi)
   PC (0xb737f77d) ok
   source "(%esi)" (0x) not located in a known VMA region (needed 
readable region)!
   destination "(%esp)" (0xbfe98664) ok
  SegvReason: reading NULL VMA
  Signal: 11
  SourcePackage: tracker
  StacktraceTop:
   up_exported_daemon_get_on_battery () from 
/usr/lib/i386-linux-gnu/libupower-glib.so.3
   up_client_get_on_battery () from /usr/lib/i386-linux-gnu/libupower-glib.so.3
   ?? ()
   ?? ()
   g_type_create_instance () from /usr/lib/i386-linux-gnu/libgobject-2.0.so.0
  Title: tracker-miner-fs crashed with SIGSEGV in 
up_exported_daemon_get_on_battery()
  UpgradeStatus: No upgrade log present (probably fresh install)
  UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tracker/+bug/1565626/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1567008] Re: package libsignon-plugins-common1:amd64 8.57+15.10.20150616-0ubuntu2~gcc5.1 failed to install/upgrade: package is in a very bad inconsistent state; you should reins

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to signon in Ubuntu.
https://bugs.launchpad.net/bugs/1567008

Title:
  package libsignon-plugins-common1:amd64
  8.57+15.10.20150616-0ubuntu2~gcc5.1 failed to install/upgrade: package
  is in a very bad inconsistent state; you should  reinstall it before
  attempting configuration

Status in signon package in Ubuntu:
  New

Bug description:
  was installing updates. left and returned later ubuntu said there was
  a problem removing a file

  ProblemType: Package
  DistroRelease: Ubuntu 15.10
  Package: libsignon-plugins-common1:amd64 8.57+15.10.20150616-0ubuntu2~gcc5.1
  ProcVersionSignature: Ubuntu 4.2.0-27.32-generic 4.2.8-ckt1
  Uname: Linux 4.2.0-27-generic x86_64
  ApportVersion: 2.19.1-0ubuntu5
  Architecture: amd64
  Date: Wed Apr  6 07:49:19 2016
  DuplicateSignature: 
package:libsignon-plugins-common1:amd64:8.57+15.10.20150616-0ubuntu2~gcc5.1:package
 is in a very bad inconsistent state; you should  reinstall it before 
attempting configuration
  ErrorMessage: package is in a very bad inconsistent state; you should  
reinstall it before attempting configuration
  InstallationDate: Installed on 2016-02-15 (50 days ago)
  InstallationMedia: Ubuntu-GNOME 15.10 "Wily Werewolf" - Release amd64 
(20151021)
  RelatedPackageVersions:
   dpkg 1.18.2ubuntu5.1
   apt  1.0.10.2ubuntu1
  SourcePackage: signon
  Title: package libsignon-plugins-common1:amd64 
8.57+15.10.20150616-0ubuntu2~gcc5.1 failed to install/upgrade: package is in a 
very bad inconsistent state; you should  reinstall it before attempting 
configuration
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/signon/+bug/1567008/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1565224] Re: error

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1565224

Title:
  error

Status in xorg package in Ubuntu:
  New

Bug description:
  error

  ProblemType: Bug
  DistroRelease: Ubuntu 15.10
  Package: xorg 1:7.7+7ubuntu4
  ProcVersionSignature: Ubuntu 4.2.0-34.39-generic 4.2.8-ckt4
  Uname: Linux 4.2.0-34-generic x86_64
  ApportVersion: 2.19.1-0ubuntu5
  Architecture: amd64
  CurrentDesktop: LXDE
  Date: Sat Apr  2 10:05:34 2016
  InstallationDate: Installed on 2016-03-30 (2 days ago)
  InstallationMedia: Lubuntu 15.10 "Wily Werewolf" - Release amd64 (20151021)
  SourcePackage: xorg
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1565224/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1568149] Re: startup-disk-creator will not ask for authentication

[Marc Deslauriers]

The policykit-desktop-privileges package was changed in 2011 to allow
writing images without a password:

policykit-desktop-privileges (0.7) oneiric; urgency=low

  * Allow local admins to do the less harmful usb-creator actions (mounting
and writing image) without a password.
 -- Martin Pitt    Wed, 06 Jul 2011 10:12:36 +0200

The user still needs to be in the admin group.

Is this no longer sufficient?

** Package changed: usb-creator (Ubuntu) => policykit-desktop-privileges
(Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to policykit-desktop-
privileges in Ubuntu.
https://bugs.launchpad.net/bugs/1568149

Title:
  startup-disk-creator will not ask for authentication

Status in policykit-desktop-privileges package in Ubuntu:
  Confirmed

Bug description:
  Startup Disk Creator has stopped asking me for authentication. This is
  a serious bug.

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: usb-creator-gtk 0.3.2
  ProcVersionSignature: Ubuntu 4.4.0-18.34-generic 4.4.6
  Uname: Linux 4.4.0-18-generic x86_64
  ApportVersion: 2.20.1-0ubuntu1
  Architecture: amd64
  CurrentDesktop: XFCE
  Date: Fri Apr  8 17:27:37 2016
  InstallationDate: Installed on 2015-02-28 (405 days ago)
  InstallationMedia: Ubuntu 15.04 "Vivid Vervet" - Alpha amd64 (20150219)
  SourcePackage: usb-creator
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/policykit-desktop-privileges/+bug/1568149/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1556330] Re: upstream curl bug #1371: p12 client certificates code is broken

[Marc Deslauriers]

The debdiff looked fine, but needed fixing. Curl is a particular package
as the last two patches get unapplied during the build to accommodate
for different library backends. New patches need to get added earlier in
the series file.

I've fixed the debdiff, made sure it builds properly, and have uploaded
the package for processing by the SRU team.

Thanks!

** Changed in: curl (Ubuntu Trusty)
   Status: Triaged => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to curl in Ubuntu.
https://bugs.launchpad.net/bugs/1556330

Title:
  upstream curl bug #1371: p12 client certificates code is broken

Status in curl package in Ubuntu:
  Fix Released
Status in curl source package in Trusty:
  In Progress

Bug description:
  [Impact]

  The bug makes it impossible to use PKCS#12 secure storage of client
  certificates and private keys with any affected Ubuntu releases. The
  fix is one line fixing a broken switch statement and was already
  tested against Ubuntu 14.04 LTS with a rebuilt curl package.

  This was fixed in upstream libcurl in the following bug:

  https://sourceforge.net/p/curl/bugs/1371/

  The bug fix consists of one missing break statement at the end of a
  case in a switch statement.

  I personally patched the bug using source code release
  curl_7.35.0-1ubuntu2.6.dsc, used in Ubuntu 14.04 LTS, and verified it
  does indeed fix the bug and all of the package's tests still pass
  afterwards.

  [Test Case]

  The bug can be reproduced using the following libcurl parameters (even
  via CLI, pycurl, etc.).

  CURLOPT_SSLCERTTYPE == "P12"
  CURLOPT_SSLCERT = path to PKCS#12
  CURLOPT_SSLKEY = path to PKCS#12
  CURLOPT_SSLKEYPASSWD = key for PKCS#12 if needed

  Basically, just use a PKCS#12 format client certificate and private
  key against some certificate protected web server.

  [Regression Potential]

  If it could possibly break anything, which is extraordinarily
  unlikely, it would break one of the three client certificate formats
  (most likely PKCS#12 but also PEM or DER). Note 1/3 formats is already
  broken due to the bug. Client certificates of all three types could be
  checked to prevent this.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/curl/+bug/1556330/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1456195] Re: Zero-minimum possessive groups does not match empty string

[Marc Deslauriers]

Thanks for the patch. Could you please prepare a debdiff for trusty and
wily suitable for sponsoring as an SRU?

Thanks!

** Also affects: pcre3 (Ubuntu Wily)
   Importance: Undecided
   Status: New

** Also affects: pcre3 (Ubuntu Xenial)
   Importance: Medium
   Status: New

** Also affects: pcre3 (Ubuntu Trusty)
   Importance: Undecided
   Status: New

** Changed in: pcre3 (Ubuntu Xenial)
   Status: New => Fix Released

** Changed in: pcre3 (Ubuntu Trusty)
   Status: New => Confirmed

** Changed in: pcre3 (Ubuntu Wily)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pcre3 in Ubuntu.
https://bugs.launchpad.net/bugs/1456195

Title:
  Zero-minimum possessive groups does not match empty string

Status in pcre3 package in Ubuntu:
  Fix Released
Status in pcre3 source package in Trusty:
  Confirmed
Status in pcre3 source package in Wily:
  Confirmed
Status in pcre3 source package in Xenial:
  Fix Released

Bug description:
  The 14.04/15.04 pcre version doesn't match some inputs with possessive
  qualfiers:

  $ echo '"a"'|pcregrep '("([^b"]*+(b.)?)*+")*+'
  $

  Earlier versions (10.04, 12.04):
  $ echo '"a"'|pcregrep '("([^b"]*+(b.)?)*+")*+'
  "a"
  $

  this is fixed with the following upstream commit (that applies cleanly
  to the 15.04 pcre):

  http://vcs.pcre.org/pcre?view=revision=1478

  https://lists.exim.org/lurker/message/20140527.131833.2fd7547c.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pcre3/+bug/1456195/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1089013] Re: clvm startup script requires cman

[Marc Deslauriers]

ACK on the debdiffs in comment #9 and #10. I've uploaded them for
processing by the SRU team, but I've added the missing start/stop
dependencies change to the trusty one first.

Thanks!

** Changed in: lvm2 (Ubuntu Trusty)
   Status: Triaged => In Progress

** Changed in: lvm2 (Ubuntu Wily)
   Status: Triaged => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lvm2 in Ubuntu.
https://bugs.launchpad.net/bugs/1089013

Title:
  clvm startup script requires cman

Status in lvm2 package in Ubuntu:
  Fix Released
Status in lvm2 source package in Precise:
  Triaged
Status in lvm2 source package in Trusty:
  In Progress
Status in lvm2 source package in Wily:
  In Progress
Status in lvm2 source package in Xenial:
  Fix Released

Bug description:
  while clvm in precise can support corosync, init script won't start
  because issues a cman status command

  ProblemType: Bug
  DistroRelease: Ubuntu 12.04
  Package: clvm 2.02.66-4ubuntu7.1
  ProcVersionSignature: Ubuntu 3.2.0-23.36-generic 3.2.14
  Uname: Linux 3.2.0-23-generic x86_64
  ApportVersion: 2.0.1-0ubuntu5
  Architecture: amd64
  Date: Tue Dec 11 18:09:36 2012
  InstallationMedia: Ubuntu-Server 12.04 LTS "Precise Pangolin" - Release amd64 
(20120424.1)
  ProcEnviron:
   TERM=screen
   LANG=it_IT.UTF-8
   SHELL=/bin/bash
  SourcePackage: lvm2
  UpgradeStatus: No upgrade log present (probably fresh install)
  modified.conffile..etc.default.clvm: [modified]
  mtime.conffile..etc.default.clvm: 2012-12-11T16:45:40.149014

  [Impact]

   * clvm daemon cannot start using provided init scripts

  [Test Case]

   * Install clvm package
   * Configure corosync
   * service clvm start
     - Fails to start due to cman dependency

  [Regression Potential]

   * None, already broken, though there is risk of other bugs being
  uncovered since this hasn't worked in quite awhile.

  [Other Info]

   * This is a change to the debian provided init script for clvm. Upstream
     debian still has the redhat-cluster package which contains the cman
     tool, as such this change is applicable to Ubuntu only since the
     redhat clustering suite is not available.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lvm2/+bug/1089013/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1564451] Re: User processes are counted towards systemd limit for sshd processes

[Marc Deslauriers]

** Information type changed from Public Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1564451

Title:
  User processes are counted towards systemd limit for sshd processes

Status in systemd:
  New
Status in openssh package in Ubuntu:
  New

Bug description:
  When running Xenial, user processes are counted towards the limit for
  the ssh.service, with a limit of 512. So if I login as a normal user
  via ssh and start 512 processes, nobody will be able to login any more
  and even all other users currently logged in will not be able to start
  any new tasks. I'm not certain whether this behaviour is by design,
  but to me it looks like a critical DOS possibility, so tagging as
  security bug.

To manage notifications about this bug go to:
https://bugs.launchpad.net/systemd/+bug/1564451/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1547133] Re: After automatically upgrading Xubuntu library libnss3 to version 2:3.21-0ubuntu0.15.10.1 some apps stop working

[Marc Deslauriers]

This is a bug in QtWebEngine.

The file
src/3rdparty/chromium/net/third_party/nss/patches/chacha20poly1305.patch
contains the following:

+/* This is a bodge to allow this code to be compiled against older NSS
+ * headers. */
+#ifndef CKM_NSS_CHACHA20_POLY1305
+#define CKM_NSS_CHACHA20_POLY1305   (CKM_NSS + 26)

Unfortunately, CKM_NSS + 26 got used for something else in nss 3.21:
#define CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH (CKM_NSS + 26)

In nss 3.23, we now have:
#define CKM_NSS_CHACHA20_POLY1305   (CKM_NSS + 28)

This means QtWebEngine isn't using the right value.

To fix this, QtWebEngine needs to be patched to use the proper value of CKM_NSS 
+ 28 in the following files:
src/3rdparty/chromium/net/socket/ssl_client_socket_nss.cc
src/3rdparty/chromium/net/third_party/nss/patches/chacha20poly1305.patch
src/3rdparty/chromium/net/third_party/nss/ssl/ssl3con.c
src/3rdparty/chromium/third_party/nss/patches/nss-chacha20-poly1305.patch
src/3rdparty/chromium/third_party/nss/nss/lib/util/pkcs11n.h


Once that is done and QtWebEngine is rebuilt, I believe it will be compatible 
with nss 3.21 and 3.23.

I am closing this bug since the product using QtWebEngine is not in
Ubuntu and there is no further action to be done.

** Changed in: nss (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to nss in Ubuntu.
https://bugs.launchpad.net/bugs/1547133

Title:
  After automatically upgrading Xubuntu library libnss3 to version
  2:3.21-0ubuntu0.15.10.1 some apps stop working

Status in nss package in Ubuntu:
  Invalid

Bug description:
  Upwork Team App uses libnss3 for transferring files via HTTPS and it
  starts getting unknown SSL error - something like being disconnected
  from the network. After downgrading back to 2:3.19.2-1ubuntu1 things
  work again.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1547133/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1553819] Re: Regression in trusty's gnutls26, can't connect to servers with RSA-MD5 certs (cacert)

[Marc Deslauriers]

The point of the USN-2865-1 security update was to remove support for
RSA-MD5 certificates which are considered insecure and were previously
accepted in GnuTLS because of a design flaw.

See the following for more information:

http://lists.gnutls.org/pipermail/gnutls-devel/2015-April/007572.html
http://www.ubuntu.com/usn/usn-2865-1/

Please also see the following cacert.org announcement:

http://blog.cacert.org/2015/12/re-signing-root-certificate/

** Changed in: gnutls26 (Ubuntu)
   Status: New => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gnutls26 in Ubuntu.
https://bugs.launchpad.net/bugs/1553819

Title:
  Regression in trusty's gnutls26, can't connect to servers with RSA-MD5
  certs (cacert)

Status in gnutls26 package in Ubuntu:
  Won't Fix

Bug description:
  Ubuntu version: 14.04

  Affected package versions:
  - 2.12.23-12ubuntu2.4
  - 2.12.23-12ubuntu2.5

  Unaffected package versions:
  - 2.12.23-12ubuntu2.3 and older

  
  Description:

  When trying to connect to servers that have a RSA-MD5 signature in
  their certificate chain, gnutls26 fails to connect with "The signature
  algorithm is not supported."

  The root certificate of cacert uses RSA-MD5, so this can be reproduced
  by trying to connect to any server that uses their certs

  Downgrading to 2.12.23-12ubuntu2.3 workarounds the issue.

  This error originally appeared when trying to connect to jabber.ccc.de
  from bitlbee 3.2.1+otr4-1ubuntu0.2.

  gnutls28 is unaffected - The user who reported the issue moved to the
  bitlbee nightly build apt repo, which compiles against gnutls28
  instead of 26, and that "fixed" the issue.

  OpenSSL has no issues connecting either.

  
  Actual behavior (with 2.12.23-12ubuntu2.4):

  $ gnutls-cli cacert.org
  Resolving 'cacert.org'...
  Connecting to '213.154.225.245:443'...
  *** Non fatal error: A TLS warning alert has been received.
  *** Received alert [112]: The server name sent was not recognized
  *** Fatal error: The signature algorithm is not supported.
  *** Handshake has failed
  GnuTLS error: The signature algorithm is not supported.

  
  Expected behavior (with 2.12.23-12ubuntu2.3):

  $ gnutls-cli cacert.org
  Resolving 'cacert.org'...
  Connecting to '213.154.225.245:443'...
  *** Non fatal error: A TLS warning alert has been received.
  *** Received alert [112]: The server name sent was not recognized
  - Ephemeral Diffie-Hellman parameters
   - Using prime: 2048 bits
   - Secret key: 2047 bits
   - Peer's public key: 2046 bits
  - Certificate type: X.509
   - Got a certificate list of 2 certificates.
   - Certificate[0] info:
- subject `C=AU,ST=NSW,L=Sydney,O=CAcert Inc.,CN=www.cacert.org', issuer 
`O=Root CA,OU=http://www.cacert.org,CN=CA Cert Signing 
Authority,EMAIL=supp...@cacert.org', RSA key 2048 bits, signed using 
RSA-SHA512, activated `2014-04-28 20:57:55 UTC', expires `2016-04-27 20:57:55 
UTC', SHA-1 fingerprint `bea40d514ab303db57fa1598efdc02c9b519a910'
   - Certificate[1] info:
- subject `O=Root CA,OU=http://www.cacert.org,CN=CA Cert Signing 
Authority,EMAIL=supp...@cacert.org', issuer `O=Root 
CA,OU=http://www.cacert.org,CN=CA Cert Signing 
Authority,EMAIL=supp...@cacert.org', RSA key 4096 bits, signed using RSA-MD5 
(broken!), activated `2003-03-30 12:29:49 UTC', expires `2033-03-29 12:29:49 
UTC', SHA-1 fingerprint `135cec36f49cb8e93b1ab270cd80884676ce8f33'
  - The hostname in the certificate matches 'cacert.org'.
  - Peer's certificate issuer is unknown
  - Peer's certificate is NOT trusted
  - Version: TLS1.2
  - Key Exchange: DHE-RSA
  - Cipher: AES-256-CBC
  - MAC: SHA256
  - Compression: NULL
  - Handshake was completed

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1553819/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1551615] Re: Alternative chain verification failure after 1024b root CAs removal

[Marc Deslauriers]

We released updated openssl packages to handle that case:

http://www.ubuntu.com/usn/usn-2913-3/

What version of openssl do you have installed?
What specific site are you unable to access?

** Changed in: ca-certificates (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1551615

Title:
  Alternative chain verification failure after 1024b root CAs removal

Status in ca-certificates package in Ubuntu:
  Incomplete
Status in ca-certificates package in Debian:
  New

Bug description:
  There is now the same problem on Ubuntu 14.04 as there is currently on
  Debian 7.

  See:
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812708
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812488

  Gist:
  Openssl 1.0.1f can not verify certificates that have an alternative chain 
without both root certificates present. The update 20160104ubuntu0.14.04.1 
removes 1024bit certificates that are used within those chains.

  Please don't push this update to vivid too!

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1551615/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1551615] Re: Alternative chain verification failure after 1024b root CAs removal

[Marc Deslauriers]

Marcin,

It looks like your bank renewed their SSL cert on Feb 9th, and they
forgot to include the intermediate certificate.

This is a configuration problem on their end and has nothing to do with
Ubuntu updates.

Tell them to go to the following page and type in ebank.db-pbc.pl for
more information :

https://cryptoreport.websecurity.symantec.com/checker/views/certCheck.jsp

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1551615

Title:
  Alternative chain verification failure after 1024b root CAs removal

Status in ca-certificates package in Ubuntu:
  Invalid
Status in ca-certificates package in Debian:
  New

Bug description:
  There is now the same problem on Ubuntu 14.04 as there is currently on
  Debian 7.

  See:
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812708
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812488

  Gist:
  Openssl 1.0.1f can not verify certificates that have an alternative chain 
without both root certificates present. The update 20160104ubuntu0.14.04.1 
removes 1024bit certificates that are used within those chains.

  Please don't push this update to vivid too!

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1551615/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1551615] Re: Alternative chain verification failure after 1024b root CAs removal

[Marc Deslauriers]

Glad that it's working, thanks!

I'm closing this bug.

** Changed in: ca-certificates (Ubuntu)
   Status: Incomplete => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1551615

Title:
  Alternative chain verification failure after 1024b root CAs removal

Status in ca-certificates package in Ubuntu:
  Invalid
Status in ca-certificates package in Debian:
  New

Bug description:
  There is now the same problem on Ubuntu 14.04 as there is currently on
  Debian 7.

  See:
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812708
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812488

  Gist:
  Openssl 1.0.1f can not verify certificates that have an alternative chain 
without both root certificates present. The update 20160104ubuntu0.14.04.1 
removes 1024bit certificates that are used within those chains.

  Please don't push this update to vivid too!

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1551615/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1565293] Re: OpenSSL 1.0.1 fails to recognize cross-signed roots as trusted

[Marc Deslauriers]

*** This bug is a duplicate of bug 1528645 ***
https://bugs.launchpad.net/bugs/1528645

Glad it's working. I didn't rehash, but that should just result in a
dangling symlink which shouldn't be valid. Thanks for testing with a
fresh rehash.

I'll mark this bug as a dupe of 1528645.

Thanks!

** This bug has been marked a duplicate of bug 1528645
   Please update ca-certificates on Trusty

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1565293

Title:
  OpenSSL 1.0.1 fails to recognize cross-signed roots as trusted

Status in openssl package in Ubuntu:
  Incomplete

Bug description:
  Google has it's own certificate authority "Google Internet Authority
  G2", which is signed by "GeoTrust Global CA". GeoTrust's certificate
  is already in the trust stores, but it's cross-signed by an older root
  named "Equifax Secure Certificate Authority".

  The Equifax uses a 1024 bit private key and has therefore been removed
  by Mozilla in their library (NSS), see
  https://bugzilla.mozilla.org/show_bug.cgi?id=1156844.

  Issuance from 1024 bit roots has been stopped in 2010 or 2011 IIRC and
  1024 bit keys are no longer safe enough, so the root has been excluded
  from their root program. However, Ubuntu 12.04 and 14.04 do still ship
  with that root in their trust store.

  A bug in the currently default OpenSSL 1.0.1f (at least in 14.04)
  causes OpenSSL to error if that root is missing, even if the previous
  root certificate "GeoTrust Global CA" is already in the root and
  therefore trusted. It seems like it doesn't stop on the first trusted
  certificate but instead requires a complete chain, so requires the
  "Equifax Secure Certificate Authority" to be in the trust store. That
  behavior is fixed in OpenSSL 1.0.2.

  All 1024 bit roots should be removed from the default trust stores as
  soon as possible. For this to work, the OpenSSL bug has to be
  backported first.

  If this is not going to be fixed, at least in 2018, we'll have an
  issue, because that's the date where "Equifax Secure Certificate
  Authority" will expire. If Google and various other sites will not
  change their root to be non-cross-signed, many connections will break
  and fail.

  Domains I know to use old cross-signed certificates: google.com,
  yahoo.com. I didn't do any scans, those were just the first two I
  tried.

  The following will happen on Aug 22 2018 without a fix:

  kelunik@example:~$ faketime '2018-08-23 00:00:00' openssl s_client -quiet 
-verify_return_error -connect google.com:443 -CApath /usr/lib/ssl/certs
  depth=3 C = US, O = Equifax, OU = Equifax Secure Certificate Authority
  verify error:num=10:certificate has expired
  notAfter=Aug 22 16:41:51 2018 GMT
  verify return:0

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1565293/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1563825] [NEW] FFe: Update to sudo 1.8.16

[Marc Deslauriers]

*** This bug is a security vulnerability ***

Public security bug reported:

I am requesting a FeatureFreeze exception to update sudo in Xenial to
the newly released 1.8.16 version.

Not only does the new 1.8.16 version fix a large number of bugs, but it
also fixes security issues:

- CVE-2015-5602: privilege escalation via symlink attack
- CVE-2015-8239: race condition checking digests/checksums in sudoers
- duplicate environment variable handling

The fixes for these issues are intrusive and difficult to backport.

Once 1.8.16 is in Xenial, I intend to backport it to Precise and Trusty
as a security update to fix the long standing issue with sudo and
timestamp files based on the local clock which resulting in a big
refactoring of how timestamp files work in 1.8.10. (See bug 1219337)

See the following for details of the changes between 1.8.12 and 1.8.16:
https://www.sudo.ws/stable.html

I will of course monitor bugs and will fix any issues that arise.

** Affects: sudo (Ubuntu)
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1563825

Title:
  FFe: Update to sudo 1.8.16

Status in sudo package in Ubuntu:
  New

Bug description:
  I am requesting a FeatureFreeze exception to update sudo in Xenial to
  the newly released 1.8.16 version.

  Not only does the new 1.8.16 version fix a large number of bugs, but
  it also fixes security issues:

  - CVE-2015-5602: privilege escalation via symlink attack
  - CVE-2015-8239: race condition checking digests/checksums in sudoers
  - duplicate environment variable handling

  The fixes for these issues are intrusive and difficult to backport.

  Once 1.8.16 is in Xenial, I intend to backport it to Precise and
  Trusty as a security update to fix the long standing issue with sudo
  and timestamp files based on the local clock which resulting in a big
  refactoring of how timestamp files work in 1.8.10. (See bug 1219337)

  See the following for details of the changes between 1.8.12 and 1.8.16:
  https://www.sudo.ws/stable.html

  I will of course monitor bugs and will fix any issues that arise.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1563825/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1549609] Re: Stack Corruption in PCRE 8.35

[Marc Deslauriers]

These should now be fixed by the following update:

http://www.ubuntu.com/usn/usn-2943-1/

** Changed in: pcre3 (Ubuntu)
   Status: Triaged => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pcre3 in Ubuntu.
https://bugs.launchpad.net/bugs/1549609

Title:
  Stack Corruption in PCRE 8.35

Status in pcre3 package in Ubuntu:
  Fix Released

Bug description:
  Various security issues have been fixed in PCRE since 8.35.  Here is
  an example of using a malicious pattern within the Ubuntu PHP5 package
  that leads to stack corruption:

  php5 -r 'preg_match("/(?(1)(()(?1)1)+)/","abcdef", $matches,
  PREG_OFFSET_CAPTURE);'

  Loading
  ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.38.tar.gz
  with the upgrade-pcre.php script resolves this issue.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pcre3/+bug/1549609/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1563825] Re: FFe: Update to sudo 1.8.16

[Marc Deslauriers]

Just to be clear, I will start by merging 1.8.15-1.1 from debian, and
will update to 1.8.16 which isn't in Debian yet.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1563825

Title:
  FFe: Update to sudo 1.8.16

Status in sudo package in Ubuntu:
  Triaged

Bug description:
  I am requesting a FeatureFreeze exception to update sudo in Xenial to
  the newly released 1.8.16 version.

  Not only does the new 1.8.16 version fix a large number of bugs, but
  it also fixes security issues:

  - CVE-2015-5602: privilege escalation via symlink attack
  - CVE-2015-8239: race condition checking digests/checksums in sudoers
  - duplicate environment variable handling

  The fixes for these issues are intrusive and difficult to backport.

  Once 1.8.16 is in Xenial, I intend to backport it to Precise and
  Trusty as a security update to fix the long standing issue with sudo
  and timestamp files based on the local clock which resulting in a big
  refactoring of how timestamp files work in 1.8.10. (See bug 1219337)

  See the following for details of the changes between 1.8.12 and 1.8.16:
  https://www.sudo.ws/stable.html

  I will of course monitor bugs and will fix any issues that arise.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1563825/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1565293] Re: OpenSSL 1.0.1 fails to recognize cross-signed roots as trusted

[Marc Deslauriers]

What versions of the openssl and ca-certificates packages have you tried
this on? On what release of Ubuntu?

The following update removed 1024-bit certs:
http://www.ubuntu.com/usn/usn-2913-1/

The following update added alternate certificate chain support to openssl:
http://www.ubuntu.com/usn/usn-2913-3/



** Changed in: openssl (Ubuntu)
   Status: Confirmed => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1565293

Title:
  OpenSSL 1.0.1 fails to recognize cross-signed roots as trusted

Status in openssl package in Ubuntu:
  Incomplete

Bug description:
  Google has it's own certificate authority "Google Internet Authority
  G2", which is signed by "GeoTrust Global CA". GeoTrust's certificate
  is already in the trust stores, but it's cross-signed by an older root
  named "Equifax Secure Certificate Authority".

  The Equifax uses a 1024 bit private key and has therefore been removed
  by Mozilla in their library (NSS), see
  https://bugzilla.mozilla.org/show_bug.cgi?id=1156844.

  Issuance from 1024 bit roots has been stopped in 2010 or 2011 IIRC and
  1024 bit keys are no longer safe enough, so the root has been excluded
  from their root program. However, Ubuntu 12.04 and 14.04 do still ship
  with that root in their trust store.

  A bug in the currently default OpenSSL 1.0.1f (at least in 14.04)
  causes OpenSSL to error if that root is missing, even if the previous
  root certificate "GeoTrust Global CA" is already in the root and
  therefore trusted. It seems like it doesn't stop on the first trusted
  certificate but instead requires a complete chain, so requires the
  "Equifax Secure Certificate Authority" to be in the trust store. That
  behavior is fixed in OpenSSL 1.0.2.

  All 1024 bit roots should be removed from the default trust stores as
  soon as possible. For this to work, the OpenSSL bug has to be
  backported first.

  If this is not going to be fixed, at least in 2018, we'll have an
  issue, because that's the date where "Equifax Secure Certificate
  Authority" will expire. If Google and various other sites will not
  change their root to be non-cross-signed, many connections will break
  and fail.

  Domains I know to use old cross-signed certificates: google.com,
  yahoo.com. I didn't do any scans, those were just the first two I
  tried.

  The following will happen on Aug 22 2018 without a fix:

  kelunik@example:~$ faketime '2018-08-23 00:00:00' openssl s_client -quiet 
-verify_return_error -connect google.com:443 -CApath /usr/lib/ssl/certs
  depth=3 C = US, O = Equifax, OU = Equifax Secure Certificate Authority
  verify error:num=10:certificate has expired
  notAfter=Aug 22 16:41:51 2018 GMT
  verify return:0

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1565293/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1565293] Re: OpenSSL 1.0.1 fails to recognize cross-signed roots as trusted

[Marc Deslauriers]

So it seems "Equifax Secure Certificate Authority" is still present in
the latest ca-certificates package. Presumably once Mozilla removes it
we will issue an updated ca-certificates package.

However, removing it still allows google to validate:

$ sudo rm /usr/lib/ssl/certs/Equifax_Secure_CA.pem

$ openssl s_client -quiet -verify_return_error -connect google.com:443 -CApath 
/usr/lib/ssl/certs
depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
verify return:1
depth=1 C = US, O = Google Inc, CN = Google Internet Authority G2
verify return:1
depth=0 C = US, ST = California, L = Mountain View, O = Google Inc, CN = 
google.com
verify return:1

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1565293

Title:
  OpenSSL 1.0.1 fails to recognize cross-signed roots as trusted

Status in openssl package in Ubuntu:
  Incomplete

Bug description:
  Google has it's own certificate authority "Google Internet Authority
  G2", which is signed by "GeoTrust Global CA". GeoTrust's certificate
  is already in the trust stores, but it's cross-signed by an older root
  named "Equifax Secure Certificate Authority".

  The Equifax uses a 1024 bit private key and has therefore been removed
  by Mozilla in their library (NSS), see
  https://bugzilla.mozilla.org/show_bug.cgi?id=1156844.

  Issuance from 1024 bit roots has been stopped in 2010 or 2011 IIRC and
  1024 bit keys are no longer safe enough, so the root has been excluded
  from their root program. However, Ubuntu 12.04 and 14.04 do still ship
  with that root in their trust store.

  A bug in the currently default OpenSSL 1.0.1f (at least in 14.04)
  causes OpenSSL to error if that root is missing, even if the previous
  root certificate "GeoTrust Global CA" is already in the root and
  therefore trusted. It seems like it doesn't stop on the first trusted
  certificate but instead requires a complete chain, so requires the
  "Equifax Secure Certificate Authority" to be in the trust store. That
  behavior is fixed in OpenSSL 1.0.2.

  All 1024 bit roots should be removed from the default trust stores as
  soon as possible. For this to work, the OpenSSL bug has to be
  backported first.

  If this is not going to be fixed, at least in 2018, we'll have an
  issue, because that's the date where "Equifax Secure Certificate
  Authority" will expire. If Google and various other sites will not
  change their root to be non-cross-signed, many connections will break
  and fail.

  Domains I know to use old cross-signed certificates: google.com,
  yahoo.com. I didn't do any scans, those were just the first two I
  tried.

  The following will happen on Aug 22 2018 without a fix:

  kelunik@example:~$ faketime '2018-08-23 00:00:00' openssl s_client -quiet 
-verify_return_error -connect google.com:443 -CApath /usr/lib/ssl/certs
  depth=3 C = US, O = Equifax, OU = Equifax Secure Certificate Authority
  verify error:num=10:certificate has expired
  notAfter=Aug 22 16:41:51 2018 GMT
  verify return:0

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1565293/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1573494] Re: winbind 4.3.8 has an ntlm_auth that breaks evolution-ews

[Marc Deslauriers]

** Also affects: libsoup2.4 (Ubuntu)
   Importance: Undecided
   Status: New

** Project changed: samba => libsoup

** Also affects: samba (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Also affects: libsoup2.4 (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Also affects: evolution-ews (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Also affects: samba (Ubuntu Trusty)
   Importance: Undecided
   Status: New

** Also affects: libsoup2.4 (Ubuntu Trusty)
   Importance: Undecided
   Status: New

** Also affects: evolution-ews (Ubuntu Trusty)
   Importance: Undecided
   Status: New

** Also affects: samba (Ubuntu Wily)
   Importance: Undecided
   Status: New

** Also affects: libsoup2.4 (Ubuntu Wily)
   Importance: Undecided
   Status: New

** Also affects: evolution-ews (Ubuntu Wily)
   Importance: Undecided
   Status: New

** Changed in: libsoup2.4 (Ubuntu Trusty)
   Status: New => Confirmed

** Changed in: libsoup2.4 (Ubuntu Trusty)
 Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: libsoup2.4 (Ubuntu Wily)
   Status: New => Confirmed

** Changed in: libsoup2.4 (Ubuntu Wily)
 Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: libsoup2.4 (Ubuntu Xenial)
   Status: New => Confirmed

** Changed in: libsoup2.4 (Ubuntu Xenial)
 Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** No longer affects: samba (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libsoup2.4 in Ubuntu.
https://bugs.launchpad.net/bugs/1573494

Title:
  winbind 4.3.8 has an ntlm_auth that breaks evolution-ews

Status in libsoup:
  Fix Released
Status in evolution-ews package in Ubuntu:
  New
Status in libsoup2.4 package in Ubuntu:
  New
Status in evolution-ews source package in Trusty:
  New
Status in libsoup2.4 source package in Trusty:
  Confirmed
Status in samba source package in Trusty:
  New
Status in evolution-ews source package in Wily:
  New
Status in libsoup2.4 source package in Wily:
  Confirmed
Status in samba source package in Wily:
  New
Status in evolution-ews source package in Xenial:
  New
Status in libsoup2.4 source package in Xenial:
  Confirmed
Status in samba source package in Xenial:
  New
Status in samba package in Fedora:
  Unknown

Bug description:
  See https://bugzilla.redhat.com/show_bug.cgi?id=1327072 and
  https://bugzilla.gnome.org/show_bug.cgi?id=765106 for the fix to
  libsoup.

  I think evolution-ews also might need a rebuild.

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: winbind 2:4.3.8+dfsg-0ubuntu1
  ProcVersionSignature: Ubuntu 4.4.0-21.37-generic 4.4.6
  Uname: Linux 4.4.0-21-generic x86_64
  NonfreeKernelModules: wl
  ApportVersion: 2.20.1-0ubuntu2
  Architecture: amd64
  CurrentDesktop: GNOME
  Date: Fri Apr 22 02:34:28 2016
  InstallationDate: Installed on 2016-04-15 (7 days ago)
  InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Release amd64 (20151021)
  RelatedPackageVersions:
   nautilus 1:3.20.0-0ubuntu1~xenial2
   gvfs 1.28.1-1ubuntu1
  SambaClientRegression: Yes
  SourcePackage: samba
  UpgradeStatus: Upgraded to xenial on 2016-04-21 (0 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/libsoup/+bug/1573494/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1512002] Re: Annoying dialog "Authentication is required to change your own user data"

[Marc Deslauriers]

I can't think of any reason why having a session would be important in
this case, so I think changing allow_any to yes should be fine.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to accountsservice in Ubuntu.
https://bugs.launchpad.net/bugs/1512002

Title:
  Annoying dialog "Authentication is required to change your own user
  data"

Status in accountsservice:
  Confirmed
Status in accountsservice package in Ubuntu:
  Triaged
Status in indicator-messages package in Ubuntu:
  Confirmed
Status in policykit-1-gnome package in Ubuntu:
  Confirmed

Bug description:
  Every few days a dialog pops up saying "Authentication is required to change 
your own user data" with an entry field for a password. If I type my user's 
password the dialog will reappear with an empty entry field. If I click on the 
cross to close the window many times it will be gone, but reappear a few days 
later. I don't know what this window is for and it makes no difference whether 
I close it or leave it. I don't use the gnome keyring.
  This started with Ubuntu 15.04 or maybe with an earlier release, and is still 
there in Ubuntu 15.10, also on machines I did a fresh install.

To manage notifications about this bug go to:
https://bugs.launchpad.net/accountsservice/+bug/1512002/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1573494] Re: winbind 4.3.8 has an ntlm_auth that breaks evolution-ews

[Marc Deslauriers]

Thanks for testing it Simon!

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libsoup2.4 in Ubuntu.
https://bugs.launchpad.net/bugs/1573494

Title:
  winbind 4.3.8 has an ntlm_auth that breaks evolution-ews

Status in libsoup:
  Fix Released
Status in Ubuntu GNOME:
  New
Status in evolution-ews package in Ubuntu:
  Invalid
Status in libsoup2.4 package in Ubuntu:
  Fix Released
Status in evolution-ews source package in Trusty:
  Invalid
Status in libsoup2.4 source package in Trusty:
  Fix Released
Status in samba source package in Trusty:
  Invalid
Status in evolution-ews source package in Wily:
  Invalid
Status in libsoup2.4 source package in Wily:
  Fix Released
Status in samba source package in Wily:
  Invalid
Status in evolution-ews source package in Xenial:
  Invalid
Status in libsoup2.4 source package in Xenial:
  Fix Released
Status in samba source package in Xenial:
  Invalid
Status in samba package in Fedora:
  Unknown

Bug description:
  See https://bugzilla.redhat.com/show_bug.cgi?id=1327072 and
  https://bugzilla.gnome.org/show_bug.cgi?id=765106 for the fix to
  libsoup.

  I think evolution-ews also might need a rebuild.

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: winbind 2:4.3.8+dfsg-0ubuntu1
  ProcVersionSignature: Ubuntu 4.4.0-21.37-generic 4.4.6
  Uname: Linux 4.4.0-21-generic x86_64
  NonfreeKernelModules: wl
  ApportVersion: 2.20.1-0ubuntu2
  Architecture: amd64
  CurrentDesktop: GNOME
  Date: Fri Apr 22 02:34:28 2016
  InstallationDate: Installed on 2016-04-15 (7 days ago)
  InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Release amd64 (20151021)
  RelatedPackageVersions:
   nautilus 1:3.20.0-0ubuntu1~xenial2
   gvfs 1.28.1-1ubuntu1
  SambaClientRegression: Yes
  SourcePackage: samba
  UpgradeStatus: Upgraded to xenial on 2016-04-21 (0 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/libsoup/+bug/1573494/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1573494] Re: winbind 4.3.8 has an ntlm_auth that breaks evolution-ews

[Marc Deslauriers]

I've put updated libsoup packages that fix this issue in the security
team PPA here:

https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+packages

I'd appreciate if someone could test them to see if they fix evolution-
ews NTLM authentication and comment here. If they test ok, I'll release
them.

Thanks!

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libsoup2.4 in Ubuntu.
https://bugs.launchpad.net/bugs/1573494

Title:
  winbind 4.3.8 has an ntlm_auth that breaks evolution-ews

Status in libsoup:
  Fix Released
Status in evolution-ews package in Ubuntu:
  New
Status in libsoup2.4 package in Ubuntu:
  New
Status in evolution-ews source package in Trusty:
  New
Status in libsoup2.4 source package in Trusty:
  Confirmed
Status in samba source package in Trusty:
  New
Status in evolution-ews source package in Wily:
  New
Status in libsoup2.4 source package in Wily:
  Confirmed
Status in samba source package in Wily:
  New
Status in evolution-ews source package in Xenial:
  New
Status in libsoup2.4 source package in Xenial:
  Confirmed
Status in samba source package in Xenial:
  New
Status in samba package in Fedora:
  Unknown

Bug description:
  See https://bugzilla.redhat.com/show_bug.cgi?id=1327072 and
  https://bugzilla.gnome.org/show_bug.cgi?id=765106 for the fix to
  libsoup.

  I think evolution-ews also might need a rebuild.

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: winbind 2:4.3.8+dfsg-0ubuntu1
  ProcVersionSignature: Ubuntu 4.4.0-21.37-generic 4.4.6
  Uname: Linux 4.4.0-21-generic x86_64
  NonfreeKernelModules: wl
  ApportVersion: 2.20.1-0ubuntu2
  Architecture: amd64
  CurrentDesktop: GNOME
  Date: Fri Apr 22 02:34:28 2016
  InstallationDate: Installed on 2016-04-15 (7 days ago)
  InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Release amd64 (20151021)
  RelatedPackageVersions:
   nautilus 1:3.20.0-0ubuntu1~xenial2
   gvfs 1.28.1-1ubuntu1
  SambaClientRegression: Yes
  SourcePackage: samba
  UpgradeStatus: Upgraded to xenial on 2016-04-21 (0 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/libsoup/+bug/1573494/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1580700] Re: wget in 12.04 does not support SNI

[Marc Deslauriers]

** Tags removed: verification-needed
** Tags added: verification-done

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to wget in Ubuntu.
https://bugs.launchpad.net/bugs/1580700

Title:
  wget in 12.04 does not support SNI

Status in wget package in Ubuntu:
  Fix Released
Status in wget source package in Precise:
  Fix Committed

Bug description:
  [Impact]
  wget in Ubuntu 12.04 doesn't have support for TLS Server Name Indication, 
which makes it incompatible with certain sites, includes sites that use the 
Let's Encrypt Authority.

  The updated package fixes the issue with a backported patch from wget
  1.14.

  [Test Case]
  1- wget https://www.x.org
  2- Connection should succeed, instead of getting an error (ERROR: no 
certificate subject alternative name matches)

  [Regression Potential]
  Commit is simple. If broken, could possibly break SSL support in wget.

  
  Original report:

  Let's Encrypt Authority should be added to CA-certificates.
  https://www.X.org is now using a cert from this CA, wget fails when
  connecting to X.org.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wget/+bug/1580700/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1580700] Re: Add Let's Encrypt Authority to Package

[Marc Deslauriers]

Current ca-certificates should already have the required CA.

Which version of ca-certificates, and which version of wget are you
trying?

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1580700

Title:
  Add Let's Encrypt Authority to Package

Status in ca-certificates package in Ubuntu:
  New
Status in wget package in Ubuntu:
  New

Bug description:
  Let's Encrypt Authority should be added to CA-certificates.
  https://www.X.org is now using a cert from this CA, wget fails when
  connecting to X.org.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1580700/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1580700] Re: Add Let's Encrypt Authority to Package

[Marc Deslauriers]

I've uploaded a fixed wget package to precise-proposed for processing by
the SRU team.

** Also affects: wget (Ubuntu Precise)
   Importance: Undecided
   Status: New

** Changed in: wget (Ubuntu)
   Status: New => Fix Released

** Changed in: wget (Ubuntu Precise)
   Status: New => Confirmed

** Changed in: wget (Ubuntu Precise)
 Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Description changed:

+ [Impact]
+ wget in Ubuntu 12.04 doesn't have support for TLS Server Name Indication, 
which makes it incompatible with certain sites, includes sites that use the 
Let's Encrypt Authority.
+ 
+ The updated package fixes the issue with a backported patch from wget
+ 1.14.
+ 
+ [Test Case]
+ 1- wget https://www.x.org
+ 2- Connection should succeed, instead of getting an error (ERROR: no 
certificate subject alternative name matches)
+ 
+ [Regression Potential]
+ Commit is simple. If broken, could possibly break SSL support in wget.
+ 
+ 
+ Original report:
+ 
  Let's Encrypt Authority should be added to CA-certificates.
  https://www.X.org is now using a cert from this CA, wget fails when
  connecting to X.org.

** Summary changed:

- Add Let's Encrypt Authority to Package
+ wget in 12.04 does not support SNI

** Changed in: wget (Ubuntu Precise)
   Status: Confirmed => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to wget in Ubuntu.
https://bugs.launchpad.net/bugs/1580700

Title:
  wget in 12.04 does not support SNI

Status in wget package in Ubuntu:
  Fix Released
Status in wget source package in Precise:
  In Progress

Bug description:
  [Impact]
  wget in Ubuntu 12.04 doesn't have support for TLS Server Name Indication, 
which makes it incompatible with certain sites, includes sites that use the 
Let's Encrypt Authority.

  The updated package fixes the issue with a backported patch from wget
  1.14.

  [Test Case]
  1- wget https://www.x.org
  2- Connection should succeed, instead of getting an error (ERROR: no 
certificate subject alternative name matches)

  [Regression Potential]
  Commit is simple. If broken, could possibly break SSL support in wget.

  
  Original report:

  Let's Encrypt Authority should be added to CA-certificates.
  https://www.X.org is now using a cert from this CA, wget fails when
  connecting to X.org.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wget/+bug/1580700/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1581030] Re: Please drop --enable-admin-flag

[Marc Deslauriers]

It's not useless, it is used by /etc/bash.bashrc to know whether or not
to print the help message if the user has not used sudo before.

As for moving the file to xdg-cache, please file a bug with the upstream 
developers here:
https://bugzilla.sudo.ws/index.cgi

Once the bug has been filed, please attach it here.

Thanks!


** Changed in: sudo (Ubuntu)
   Importance: Undecided => Wishlist

** Changed in: sudo (Ubuntu)
   Status: New => Triaged

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1581030

Title:
  Please drop --enable-admin-flag

Status in sudo package in Ubuntu:
  Triaged

Bug description:
  Debian doesn't compile with this flag, imho on desktop it is useless
  and clutters my home folder with .sudo-as-admin-succesful, at least
  move it to xdg-cache or something.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1581030/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1581084] Re: CMS Consistency Test failed

[Marc Deslauriers]

Here's the patch we're going to include in our next openssl updates.

** Patch added: "update-expired-smime-test-certs.patch"
   
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1581084/+attachment/4661310/+files/update-expired-smime-test-certs.patch

** Changed in: openssl (Ubuntu)
   Status: New => Confirmed

** Changed in: openssl (Ubuntu)
 Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1581084

Title:
  CMS Consistency Test failed

Status in openssl package in Ubuntu:
  Confirmed

Bug description:
  It looks like the CMS test certificates are expired and are causing
  verification failures.

  openssl_1.0.1f-1ubuntu2.19_amd64.deb

  When building from source I get the following error:

  CMS consistency test
  /usr/bin/perl cms-test.pl
  CMS => PKCS#7 compatibility tests
  signed content DER format, RSA key: verify error
  make[2]: *** [test_cms] Error 1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1581084/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1580700] Re: wget in 12.04 does not support SNI

[Marc Deslauriers]

If you've added precise-proposed to your /etc/apt/sources.list, all you
need to do is perform the two following commands:

1- apt-get update
2- apt-get install wget

Don't forget to remove precise-proposed from your /etc/apt/sources.list
when you're done.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to wget in Ubuntu.
https://bugs.launchpad.net/bugs/1580700

Title:
  wget in 12.04 does not support SNI

Status in wget package in Ubuntu:
  Fix Released
Status in wget source package in Precise:
  Fix Committed

Bug description:
  [Impact]
  wget in Ubuntu 12.04 doesn't have support for TLS Server Name Indication, 
which makes it incompatible with certain sites, includes sites that use the 
Let's Encrypt Authority.

  The updated package fixes the issue with a backported patch from wget
  1.14.

  [Test Case]
  1- wget https://www.x.org
  2- Connection should succeed, instead of getting an error (ERROR: no 
certificate subject alternative name matches)

  [Regression Potential]
  Commit is simple. If broken, could possibly break SSL support in wget.

  
  Original report:

  Let's Encrypt Authority should be added to CA-certificates.
  https://www.X.org is now using a cert from this CA, wget fails when
  connecting to X.org.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wget/+bug/1580700/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1580700] Re: Add Let's Encrypt Authority to Package

[Marc Deslauriers]

I can reproduce this with wget on 12.04, but not on 14.04. Both use the
same version of ca-certificates.

Using openssl directly also works:
openssl s_client -CAfile /etc/ssl/certs/ca-certificates.crt -connect 
www.x.org:443

I suspect wget on 12.04 is doing something odd, I'll look into this.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1580700

Title:
  Add Let's Encrypt Authority to Package

Status in wget package in Ubuntu:
  New

Bug description:
  Let's Encrypt Authority should be added to CA-certificates.
  https://www.X.org is now using a cert from this CA, wget fails when
  connecting to X.org.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wget/+bug/1580700/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1580700] Re: Add Let's Encrypt Authority to Package

[Marc Deslauriers]

Ubuntu 12.04 has wget 1.13.4, which doesn't have support for TLS Server
Name Indication, which was included in 1.14. That needs to get
backported.

** No longer affects: ca-certificates (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1580700

Title:
  Add Let's Encrypt Authority to Package

Status in wget package in Ubuntu:
  New

Bug description:
  Let's Encrypt Authority should be added to CA-certificates.
  https://www.X.org is now using a cert from this CA, wget fails when
  connecting to X.org.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wget/+bug/1580700/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1565567] Re: segv in sudo_getgrgid

[Marc Deslauriers]

Thanks for the detailed analysis.

I have uploaded a package for testing with the minimal fix in the
following PPA:

https://launchpad.net/~mdeslaur/+archive/ubuntu/testing

Once it's finished building, could someone please check if the package
resolves their issue? If so, I'll upload it to proposed as an SRU.

Thanks!


** Changed in: sudo (Ubuntu)
 Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: sudo (Ubuntu Xenial)
 Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Bug watch added: bugzilla.sudo.ws/ #743
   http://bugzilla.sudo.ws/show_bug.cgi?id=743

** Also affects: sudo via
   http://bugzilla.sudo.ws/show_bug.cgi?id=743
   Importance: Unknown
   Status: Unknown

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1565567

Title:
  segv in sudo_getgrgid

Status in sudo:
  Unknown
Status in sudo package in Ubuntu:
  Confirmed
Status in sudo source package in Xenial:
  Confirmed

Bug description:
  If the user is in a group with no name (because libnss-db got removed
  and the group was defined there, for example...) then:

  the call to sudo_debug_printf in sudo_getgrgid
  (plugins/sudoers/pwutil.c, line 462) causes a SEGV when trying to get
  item->d.gr->gr_name (since item->d.gr is NULL).

To manage notifications about this bug go to:
https://bugs.launchpad.net/sudo/+bug/1565567/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1565567] Re: segv in sudo_getgrgid

[Marc Deslauriers]

** Also affects: sudo (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Changed in: sudo (Ubuntu Xenial)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1565567

Title:
  segv in sudo_getgrgid

Status in sudo package in Ubuntu:
  Confirmed
Status in sudo source package in Xenial:
  Confirmed

Bug description:
  If the user is in a group with no name (because libnss-db got removed
  and the group was defined there, for example...) then:

  the call to sudo_debug_printf in sudo_getgrgid
  (plugins/sudoers/pwutil.c, line 462) causes a SEGV when trying to get
  item->d.gr->gr_name (since item->d.gr is NULL).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1565567/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1565567] Re: segv in sudo_getgrgid

[Marc Deslauriers]

Packages in the PPA have been successfully tested, and upstream has
commited a slightly more exhaustive fix:

https://www.sudo.ws/repos/sudo/rev/1d13341d53ec

I have uploaded the fix to yakkety.
I have uploaded the fix to xenial for processing by the SRU team.

** Changed in: sudo (Ubuntu)
   Status: Confirmed => Fix Committed

** Changed in: sudo (Ubuntu Xenial)
   Status: Confirmed => In Progress

** Changed in: sudo (Ubuntu Xenial)
   Importance: Undecided => High

** Description changed:

+ [Impact]
+ 
+ In certain environments, for example when using LDAP, users can end up
+ in a group with no name. When that happens, sudo crashes when attempting
+ to look up the group name for the debug log.
+ 
+ Upstream has commited a simple fix for this issue, it has been commited
+ to Yakkety, and uploaded to Xenial.
+ 
+ [Test Case]
+ 
+ I currently don't know an easy way to reproduce this, it is environment-
+ specific. A package containing the fix was successfully tested in the
+ problematic environment.
+ 
+ [Regression Potential]
+ 
+ A regression in the patch would prevent users from using sudo. The risk
+ of regression is low since the patch only changes the debug log.
+ 
+ 
+ Original report:
+ 
  If the user is in a group with no name (because libnss-db got removed
  and the group was defined there, for example...) then:
  
  the call to sudo_debug_printf in sudo_getgrgid
  (plugins/sudoers/pwutil.c, line 462) causes a SEGV when trying to get
  item->d.gr->gr_name (since item->d.gr is NULL).

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1565567

Title:
  segv in sudo_getgrgid

Status in sudo:
  Unknown
Status in sudo package in Ubuntu:
  Fix Committed
Status in sudo source package in Xenial:
  In Progress

Bug description:
  [Impact]

  In certain environments, for example when using LDAP, users can end up
  in a group with no name. When that happens, sudo crashes when
  attempting to look up the group name for the debug log.

  Upstream has commited a simple fix for this issue, it has been
  commited to Yakkety, and uploaded to Xenial.

  [Test Case]

  I currently don't know an easy way to reproduce this, it is
  environment-specific. A package containing the fix was successfully
  tested in the problematic environment.

  [Regression Potential]

  A regression in the patch would prevent users from using sudo. The
  risk of regression is low since the patch only changes the debug log.


  Original report:

  If the user is in a group with no name (because libnss-db got removed
  and the group was defined there, for example...) then:

  the call to sudo_debug_printf in sudo_getgrgid
  (plugins/sudoers/pwutil.c, line 462) causes a SEGV when trying to get
  item->d.gr->gr_name (since item->d.gr is NULL).

To manage notifications about this bug go to:
https://bugs.launchpad.net/sudo/+bug/1565567/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1573353] Re: package libpcre3:amd64 1:8.31-2ubuntu2.2 failed to install/upgrade: package libpcre3:amd64 is not ready for configuration cannot configure (current status `half-inst

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pcre3 in Ubuntu.
https://bugs.launchpad.net/bugs/1573353

Title:
  package libpcre3:amd64 1:8.31-2ubuntu2.2 failed to install/upgrade:
  package libpcre3:amd64 is not ready for configuration  cannot
  configure (current status `half-installed')

Status in pcre3 package in Ubuntu:
  New

Bug description:
  Boot failure

  ProblemType: Package
  DistroRelease: Ubuntu 14.04
  Package: libpcre3:amd64 1:8.31-2ubuntu2.2
  ProcVersionSignature: Ubuntu 3.13.0-85.129-generic 3.13.11-ckt36
  Uname: Linux 3.13.0-85-generic x86_64
  ApportVersion: 2.14.1-0ubuntu3.19
  AptOrdering:
   libpcre3: Configure
   libpcrecpp0: Install
   libpcrecpp0: Configure
  Architecture: amd64
  Date: Thu Apr 21 20:13:47 2016
  Dependencies:
   gcc-4.9-base 4.9.3-0ubuntu4
   libc6 2.19-0ubuntu6.7
   libgcc1 1:4.9.3-0ubuntu4
   multiarch-support 2.19-0ubuntu6.7
  ErrorMessage: package libpcre3:amd64 is not ready for configuration  cannot 
configure (current status `half-installed')
  InstallationDate: Installed on 2014-10-21 (548 days ago)
  InstallationMedia: Ubuntu-Server 14.04 LTS "Trusty Tahr" - Release amd64 
(20140416.2)
  RelatedPackageVersions:
   dpkg 1.17.5ubuntu5.5
   apt  1.0.1ubuntu2.13
  SourcePackage: pcre3
  Title: package libpcre3:amd64 1:8.31-2ubuntu2.2 failed to install/upgrade: 
package libpcre3:amd64 is not ready for configuration  cannot configure 
(current status `half-installed')
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pcre3/+bug/1573353/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1573416] Re: package systemd 229-4ubuntu4 failed to install/upgrade: subprocess installed pre-removal script returned error exit status 2

[Marc Deslauriers]

*** This bug is a duplicate of bug 1570310 ***
https://bugs.launchpad.net/bugs/1570310

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1573416

Title:
  package systemd 229-4ubuntu4 failed to install/upgrade: subprocess
  installed pre-removal script returned error exit status 2

Status in systemd package in Ubuntu:
  New

Bug description:
  NA

  ProblemType: Package
  DistroRelease: Ubuntu 16.04
  Package: systemd 229-4ubuntu4
  ProcVersionSignature: Ubuntu 4.4.0-21.37-generic 4.4.6
  Uname: Linux 4.4.0-21-generic x86_64
  ApportVersion: 2.20.1-0ubuntu2
  Architecture: amd64
  Date: Fri Apr 22 10:29:16 2016
  DpkgTerminalLog:
   Preparing to unpack .../systemd_229-4ubuntu4_amd64.deb ...
   De-configuring udev (225-1ubuntu9.1) ...
   dpkg: error processing archive 
/var/cache/apt/archives/systemd_229-4ubuntu4_amd64.deb (--unpack):
subprocess installed pre-removal script returned error exit status 2
  DuplicateSignature:
   De-configuring udev (225-1ubuntu9.1) ...
   dpkg: error processing archive 
/var/cache/apt/archives/systemd_229-4ubuntu4_amd64.deb (--unpack):
subprocess installed pre-removal script returned error exit status 2
  ErrorMessage: subprocess installed pre-removal script returned error exit 
status 2
  InstallationDate: Installed on 2016-02-05 (77 days ago)
  InstallationMedia: Ubuntu 15.04 "Vivid Vervet" - Release amd64 (20150422)
  MachineType: Dell Inc. OptiPlex 780
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.4.0-21-generic 
root=UUID=47858366-fbcd-4e50-a053-65830f0f49da ro quiet splash vt.handoff=7
  RelatedPackageVersions:
   dpkg 1.18.4ubuntu1
   apt  1.2.10ubuntu1
  SourcePackage: systemd
  SystemdDelta:
   [EXTENDED]   /lib/systemd/system/systemd-timesyncd.service → 
/lib/systemd/system/systemd-timesyncd.service.d/disable-with-time-daemon.conf
   [EXTENDED]   /lib/systemd/system/rc-local.service → 
/lib/systemd/system/rc-local.service.d/debian.conf
   [EXTENDED]   /etc/systemd/system/display-manager.service → 
/lib/systemd/system/display-manager.service.d/xdiagnose.conf
   
   3 overridden configuration files found.
  Title: package systemd 229-4ubuntu4 failed to install/upgrade: subprocess 
installed pre-removal script returned error exit status 2
  UpgradeStatus: Upgraded to xenial on 2016-04-22 (0 days ago)
  dmi.bios.date: 08/11/2010
  dmi.bios.vendor: Dell Inc.
  dmi.bios.version: A05
  dmi.board.name: 0200DY
  dmi.board.vendor: Dell Inc.
  dmi.board.version: A02
  dmi.chassis.type: 3
  dmi.chassis.vendor: Dell Inc.
  dmi.modalias: 
dmi:bvnDellInc.:bvrA05:bd08/11/2010:svnDellInc.:pnOptiPlex780:pvr:rvnDellInc.:rn0200DY:rvrA02:cvnDellInc.:ct3:cvr:
  dmi.product.name: OptiPlex 780
  dmi.sys.vendor: Dell Inc.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1573416/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1578422] Re: fsck

[Marc Deslauriers]

Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.

Submitting the bug about the proper source package is essential. For
help see https://wiki.ubuntu.com/Bugs/FindRightPackage . Additionally,
in the report please include:

1) The release of Ubuntu you are using, via 'cat /etc/lsb-release' or System -> 
About Ubuntu.
2) The version of the package you are using, via 'dpkg -l PKGNAME | cat' or by 
checking in Synaptic.
3) What happened and what you expected to happen.

The Ubuntu community has also created debugging procedures for a wide
variety of packages at https://wiki.ubuntu.com/DebuggingProcedures .
Following the debugging instructions for the affected package will make
your bug report much more complete. Thanks!


** Information type changed from Private Security to Public

** Changed in: xorg (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1578422

Title:
  fsck

Status in xorg package in Ubuntu:
  Invalid

Bug description:
  restore mode

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: xorg 1:7.7+13ubuntu3
  ProcVersionSignature: Ubuntu 3.19.0-58.64-generic 3.19.8-ckt16
  Uname: Linux 3.19.0-58-generic i686
  .tmp.unity_support_test.1:
   
  ApportVersion: 2.20.1-0ubuntu2
  Architecture: i386
  BootLog:
   
  CompizPlugins: No value set for 
`/apps/compiz-1/general/screen0/options/active_plugins'
  CompositorRunning: compiz
  CompositorUnredirectDriverBlacklist: '(nouveau|Intel).*Mesa 8.0'
  CompositorUnredirectFSW: true
  Date: Wed May  4 19:37:15 2016
  DistUpgraded: Fresh install
  DistroCodename: xenial
  DistroVariant: ubuntu
  DkmsStatus:
   virtualbox, 5.0.18, 4.2.0-35-generic, i686: installed
   virtualbox, 5.0.18, 4.4.0-21-generic, i686: installed
  ExtraDebuggingInterest: Yes, including running git bisection searches
  GraphicsCard:
   Intel Corporation 2nd Generation Core Processor Family Integrated Graphics 
Controller [8086:0106] (rev 09) (prog-if 00 [VGA controller])
 Subsystem: Holco Enterprise Co, Ltd/Shuttle Computer 2nd Generation Core 
Processor Family Integrated Graphics Controller [1297:2027]
  InstallationDate: Installed on 2016-04-05 (29 days ago)
  InstallationMedia: It
  MachineType: Positivo Informatica SA C14CU41TV
  ProcEnviron:
   LANGUAGE=pt_BR:pt:en
   PATH=(custom, no user)
   LANG=pt_BR.UTF-8
   SHELL=/bin/bash
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.19.0-58-generic 
root=UUID=ed6fca0e-01db-41fa-8b24-c19dacd183b1 ro recovery nomodeset
  Renderer: Software
  SourcePackage: xorg
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 06/05/2013
  dmi.bios.vendor: American Megatrends Inc.
  dmi.bios.version: 1.01.U
  dmi.board.asset.tag: To be filled by O.E.M.
  dmi.board.name: C14CU41TV
  dmi.board.vendor: Positivo Informatica SA
  dmi.board.version: POSITIVO
  dmi.chassis.asset.tag: To Be Filled By O.E.M.
  dmi.chassis.type: 10
  dmi.chassis.vendor: Positivo Informatica SA
  dmi.chassis.version: POSITIVO
  dmi.modalias: 
dmi:bvnAmericanMegatrendsInc.:bvr1.01.U:bd06/05/2013:svnPositivoInformaticaSA:pnC14CU41TV:pvr1.01.U_POS:rvnPositivoInformaticaSA:rnC14CU41TV:rvrPOSITIVO:cvnPositivoInformaticaSA:ct10:cvrPOSITIVO:
  dmi.product.name: C14CU41TV
  dmi.product.version: 1.01.U_POS
  dmi.sys.vendor: Positivo Informatica SA
  version.compiz: compiz 1:0.9.12.2+16.04.20160415-0ubuntu1
  version.libdrm2: libdrm2 2.4.67-1
  version.libgl1-mesa-dri: libgl1-mesa-dri 11.2.0-1ubuntu2
  version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A
  version.libgl1-mesa-glx: libgl1-mesa-glx 11.2.0-1ubuntu2
  version.xserver-xorg-core: xserver-xorg-core 2:1.18.3-1ubuntu2
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.10.1-1ubuntu2
  version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.7.0-1
  version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20160325-1ubuntu1
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 
1:1.0.12-1build2
  xserver.bootTime: Wed May  4 19:34:23 2016
  xserver.configfile: default
  xserver.logfile: /var/log/Xorg.0.log
  xserver.version: 2:1.18.3-1ubuntu2

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1578422/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1577720] Re: dnsmasq resolves xyzzy.xyzzy.xyzzy. to unknown IP

[Marc Deslauriers]

I can't reproduce this, which dns server are you using?

** Changed in: dnsmasq (Ubuntu)
   Status: New => Incomplete

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to dnsmasq in Ubuntu.
https://bugs.launchpad.net/bugs/1577720

Title:
  dnsmasq resolves xyzzy.xyzzy.xyzzy. to unknown IP

Status in dnsmasq package in Ubuntu:
  Incomplete

Bug description:
  [enzo@Feynman ~/Temp] host xyzzy.xyzzy.xyzzy.
  xyzzy.xyzzy.xyzzy has address 54.72.52.58
  Host xyzzy.xyzzy.xyzzy not found: 3(NXDOMAIN)
  Host xyzzy.xyzzy.xyzzy not found: 3(NXDOMAIN)
  [enzo@Feynman ~/Temp] host 54.72.52.58
  58.52.72.54.in-addr.arpa domain name pointer 
ec2-54-72-52-58.eu-west-1.compute.amazonaws.com.

  This is unacceptable and a potential security risk!

  "xyzzy.xyzzy.xyzzy." is an invalidDNS name that needs to always fail
  when resolved.

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: dnsmasq (not installed)
  ProcVersionSignature: Ubuntu 4.4.0-21.37-lowlatency 4.4.6
  Uname: Linux 4.4.0-21-lowlatency x86_64
  ApportVersion: 2.20.1-0ubuntu2
  Architecture: amd64
  CurrentDesktop: KDE
  Date: Tue May  3 12:34:10 2016
  InstallationDate: Installed on 2016-04-22 (10 days ago)
  InstallationMedia: Kubuntu 16.04 LTS "Xenial Xerus" - Release amd64 
(20160420.1)
  SourcePackage: dnsmasq
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1577720/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1577790] Re: OS Does not rememeber wifi on/off state upon startup.

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1577790

Title:
  OS Does not rememeber wifi on/off state upon startup.

Status in network-manager package in Ubuntu:
  New

Bug description:
  I am a novice.

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: network-manager 1.1.93-0ubuntu4
  ProcVersionSignature: Ubuntu 4.4.0-21.37-generic 4.4.6
  Uname: Linux 4.4.0-21-generic x86_64
  ApportVersion: 2.20.1-0ubuntu2
  Architecture: amd64
  CurrentDesktop: MATE
  Date: Tue May  3 07:01:41 2016
  IfupdownConfig:
   # interfaces(5) file used by ifup(8) and ifdown(8)
   auto lo
   iface lo inet loopback
  InstallationDate: Installed on 2016-04-29 (3 days ago)
  InstallationMedia: Ubuntu-MATE 16.04 LTS "Xenial Xerus" - Release amd64 
(20160420.1)
  IpRoute:
   default via 100.65.9.1 dev enp3s0  proto static  metric 100 
   100.65.9.0/24 dev enp3s0  proto kernel  scope link  src 100.65.9.125  metric 
100 
   169.254.0.0/16 dev enp3s0  scope link  metric 1000
  JournalErrors:
   Error: command ['journalctl', '-b', '--priority=warning', '--lines=1000'] 
failed with exit code 1: Hint: You are currently not seeing messages from other 
users and the system.
 Users in the 'systemd-journal' group can see all messages. Pass -q to
 turn off this notice.
   No journal files were opened due to insufficient permissions.
  NetworkManager.state:
   [main]
   NetworkingEnabled=true
   WirelessEnabled=false
   WWANEnabled=true
  SourcePackage: network-manager
  UpgradeStatus: No upgrade log present (probably fresh install)
  WifiSyslog:
   
  nmcli-dev:
   DEVICE  TYPE  STATEDBUS-PATH  
CONNECTION  CON-UUID  CON-PATH  
 
   enp3s0  ethernet  connected/org/freedesktop/NetworkManager/Devices/0  
Wired connection 1  d25df914-c77f-4e01-997b-59d0777ebd61  
/org/freedesktop/NetworkManager/ActiveConnection/0 
   wlp4s0  wifi  unavailable  /org/freedesktop/NetworkManager/Devices/2  -- 
 ----   
  
   lo  loopback  unmanaged/org/freedesktop/NetworkManager/Devices/1  -- 
 ----
  nmcli-nm: Error: command ['nmcli', '-f', 'all', 'nm'] failed with exit code 
2: Error: Object 'nm' is unknown, try 'nmcli help'.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1577790/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1577048] Re: intel hd graphics for 530 series for 6th gen intel for ubuntu 16.00

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1577048

Title:
  intel hd graphics for 530 series for 6th gen intel for ubuntu 16.00

Status in xorg package in Ubuntu:
  New

Bug description:
  running with nvidia graphics, its power consuming

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: xorg 1:7.7+13ubuntu3
  Uname: Linux 4.4.8-040408-generic x86_64
  NonfreeKernelModules: nvidia_uvm nvidia_modeset nvidia
  .proc.driver.nvidia.gpus..01.00.0: Error: [Errno 21] Is a directory: 
'/proc/driver/nvidia/gpus/:01:00.0'
  .proc.driver.nvidia.registry: Binary: ""
  .proc.driver.nvidia.version:
   NVRM version: NVIDIA UNIX x86_64 Kernel Module  361.42  Tue Mar 22 18:10:58 
PDT 2016
   GCC version:  gcc version 5.3.1 20160413 (Ubuntu 5.3.1-14ubuntu2)
  .tmp.unity_support_test.0:
   
  ApportVersion: 2.20.1-0ubuntu2
  Architecture: amd64
  BootLog: [  OK  ] Started LSB: Speech Dispatcher.
  CompizPlugins: No value set for 
`/apps/compiz-1/general/screen0/options/active_plugins'
  CompositorRunning: compiz
  CompositorUnredirectDriverBlacklist: '(nouveau|Intel).*Mesa 8.0'
  CompositorUnredirectFSW: true
  Date: Sat Apr 30 22:05:02 2016
  DistUpgraded: Fresh install
  DistroCodename: xenial
  DistroVariant: ubuntu
  DkmsStatus:
   bbswitch, 0.8, 4.4.8-040408-generic, x86_64: installed
   nvidia-361, 361.42, 4.4.8-040408-generic, x86_64: installed
  ExtraDebuggingInterest: Yes, if not too technical
  GraphicsCard:
   Intel Corporation Sky Lake Integrated Graphics [8086:1916] (rev 07) (prog-if 
00 [VGA controller])
 Subsystem: ASUSTeK Computer Inc. Skylake Integrated Graphics [1043:246a]
 Subsystem: ASUSTeK Computer Inc. GM108M [GeForce 930M] [1043:246a]
  InstallationDate: Installed on 2016-04-30 (0 days ago)
  InstallationMedia: Ubuntu 16.04 LTS "Xenial Xerus" - Release amd64 
(20160420.1)
  MachineType: ASUSTeK COMPUTER INC. X556UF
  ProcEnviron:
   LANGUAGE=en_IN:en
   PATH=(custom, no user)
   LANG=en_IN
   SHELL=/bin/bash
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.4.8-040408-generic 
root=UUID=aa85b536-77bc-4020-a4ae-2f4d87688ce9 ro quiet splash
  SourcePackage: xorg
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 09/10/2015
  dmi.bios.vendor: American Megatrends Inc.
  dmi.bios.version: X556UF.206
  dmi.board.asset.tag: ATN12345678901234567
  dmi.board.name: X556UF
  dmi.board.vendor: ASUSTeK COMPUTER INC.
  dmi.board.version: 1.0
  dmi.chassis.asset.tag: ATN12345678901234567
  dmi.chassis.type: 10
  dmi.chassis.vendor: ASUSTeK COMPUTER INC.
  dmi.chassis.version: 1.0
  dmi.modalias: 
dmi:bvnAmericanMegatrendsInc.:bvrX556UF.206:bd09/10/2015:svnASUSTeKCOMPUTERINC.:pnX556UF:pvr1.0:rvnASUSTeKCOMPUTERINC.:rnX556UF:rvr1.0:cvnASUSTeKCOMPUTERINC.:ct10:cvr1.0:
  dmi.product.name: X556UF
  dmi.product.version: 1.0
  dmi.sys.vendor: ASUSTeK COMPUTER INC.
  version.compiz: compiz 1:0.9.12.2+16.04.20160415-0ubuntu1
  version.ia32-libs: ia32-libs N/A
  version.libdrm2: libdrm2 2.4.67-1
  version.libgl1-mesa-dri: libgl1-mesa-dri 11.2.0-1ubuntu2
  version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A
  version.libgl1-mesa-glx: libgl1-mesa-glx 11.2.0-1ubuntu2
  version.nvidia-graphics-drivers: nvidia-graphics-drivers-* N/A
  version.xserver-xorg-core: xserver-xorg-core 2:1.18.3-1ubuntu2
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.10.1-1ubuntu2
  version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.7.0-1
  version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20160325-1ubuntu1
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 
1:1.0.12-1build2
  xserver.bootTime: Sat Apr 30 21:33:06 2016
  xserver.configfile: /etc/X11/xorg.conf
  xserver.errors:
   
  xserver.logfile: /var/log/Xorg.0.log
  xserver.version: 2:1.18.3-1ubuntu2

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1577048/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1577052] Re: initial boot up

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1577052

Title:
  initial boot up

Status in xorg package in Ubuntu:
  New

Bug description:
  system is not booting properly, have to hard boot but after initial
  start up some times have to hard boot two or three times before proper
  boot is obtained, suspect window BIOS interfering, installed Linux
  BIOS as instructed still having initial boot up problem, what to do?

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: xorg 1:7.7+13ubuntu3
  ProcVersionSignature: Ubuntu 4.4.0-21.37-generic 4.4.6
  Uname: Linux 4.4.0-21-generic x86_64
  .tmp.unity_support_test.0:
   
  ApportVersion: 2.20.1-0ubuntu2
  Architecture: amd64
  BootLog:
   
  CompizPlugins: No value set for 
`/apps/compiz-1/general/screen0/options/active_plugins'
  CompositorRunning: compiz
  CompositorUnredirectDriverBlacklist: '(nouveau|Intel).*Mesa 8.0'
  CompositorUnredirectFSW: true
  Date: Sat Apr 30 13:22:46 2016
  DistUpgraded: Fresh install
  DistroCodename: xenial
  DistroVariant: ubuntu
  ExtraDebuggingInterest: Yes, if not too technical
  GraphicsCard:
   Advanced Micro Devices, Inc. [AMD/ATI] BeaverCreek [Radeon HD 6520G] 
[1002:9647] (prog-if 00 [VGA controller])
 Subsystem: Samsung Electronics Co Ltd BeaverCreek [Radeon HD 6520G] 
[144d:c608]
  InstallationDate: Installed on 2016-04-29 (1 days ago)
  InstallationMedia: Ubuntu 16.04 LTS "Xenial Xerus" - Release amd64 
(20160420.1)
  MachineType: SAMSUNG ELECTRONICS CO., LTD. 305V4A/305V5A
  ProcEnviron:
   LANGUAGE=en_US
   PATH=(custom, no user)
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.4.0-21-generic 
root=UUID=160b234b-0a93-4ecf-9317-f2f816e1ae51 ro quiet splash vt.handoff=7
  SourcePackage: xorg
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 11/11/2011
  dmi.bios.vendor: American Megatrends Inc.
  dmi.bios.version: 03QN.MI02.2011.SKK
  dmi.board.asset.tag: To be filled by O.E.M.
  dmi.board.name: 305V4A/305V4A
  dmi.board.vendor: SAMSUNG ELECTRONICS CO., LTD.
  dmi.board.version: 03QN
  dmi.chassis.asset.tag: No Asset Tag
  dmi.chassis.type: 9
  dmi.chassis.vendor: SAMSUNG ELECTRONICS CO., LTD.
  dmi.chassis.version: N/A
  dmi.modalias: 
dmi:bvnAmericanMegatrendsInc.:bvr03QN.MI02.2011.SKK:bd11/11/2011:svnSAMSUNGELECTRONICSCO.,LTD.:pn305V4A/305V5A:pvr03QN:rvnSAMSUNGELECTRONICSCO.,LTD.:rn305V4A/305V4A:rvr03QN:cvnSAMSUNGELECTRONICSCO.,LTD.:ct9:cvrN/A:
  dmi.product.name: 305V4A/305V5A
  dmi.product.version: 03QN
  dmi.sys.vendor: SAMSUNG ELECTRONICS CO., LTD.
  version.compiz: compiz 1:0.9.12.2+16.04.20160415-0ubuntu1
  version.ia32-libs: ia32-libs N/A
  version.libdrm2: libdrm2 2.4.67-1
  version.libgl1-mesa-dri: libgl1-mesa-dri 11.2.0-1ubuntu2
  version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A
  version.libgl1-mesa-glx: libgl1-mesa-glx 11.2.0-1ubuntu2
  version.xserver-xorg-core: xserver-xorg-core 2:1.18.3-1ubuntu2
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.10.1-1ubuntu2
  version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.7.0-1
  version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20160325-1ubuntu1
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 
1:1.0.12-1build2
  xserver.bootTime: Sat Apr 30 08:26:20 2016
  xserver.configfile: default
  xserver.errors:
   
  xserver.logfile: /var/log/Xorg.0.log
  xserver.version: 2:1.18.3-1ubuntu2
  xserver.video_driver: radeon

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1577052/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1577027] Re: [SATELLITE R850, Realtek ALC269VB, Mic, Internal] Recording problem

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Public Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to alsa-driver in Ubuntu.
https://bugs.launchpad.net/bugs/1577027

Title:
  [SATELLITE R850, Realtek ALC269VB, Mic, Internal] Recording problem

Status in alsa-driver package in Ubuntu:
  New

Bug description:
  skype is not working correctly by making a test call i cant hear my
  own voice,need help tryed everything without solution

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: alsa-base 1.0.25+dfsg-0ubuntu5
  ProcVersionSignature: Ubuntu 4.4.0-21.37-generic 4.4.6
  Uname: Linux 4.4.0-21-generic x86_64
  ApportVersion: 2.20.1-0ubuntu2
  Architecture: amd64
  AudioDevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/controlC0:  alen   2334 F pulseaudio
alen   8727 F alsamixer
  CurrentDesktop: Unity
  Date: Sat Apr 30 20:01:09 2016
  InstallationDate: Installed on 2016-04-25 (5 days ago)
  InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Release amd64 (20151021)
  PackageArchitecture: all
  SourcePackage: alsa-driver
  Symptom: audio
  Symptom_AlsaRecordingTest: ALSA recording test through plughw:PCH failed
  Symptom_Card: Internes Audio - HDA Intel PCH
  Symptom_Jack: Mic, Internal
  Symptom_Type: None of the above
  Title: [SATELLITE R850, Realtek ALC269VB, Mic, Internal] Recording problem
  UpgradeStatus: Upgraded to xenial on 2016-04-25 (5 days ago)
  dmi.bios.date: 01/08/2013
  dmi.bios.vendor: TOSHIBA
  dmi.bios.version: Version 4.10
  dmi.board.asset.tag: 00
  dmi.board.name: Portable PC
  dmi.board.vendor: TOSHIBA
  dmi.board.version: Version A0
  dmi.chassis.asset.tag: 00
  dmi.chassis.type: 10
  dmi.chassis.vendor: TOSHIBA
  dmi.chassis.version: Version 1.0
  dmi.modalias: 
dmi:bvnTOSHIBA:bvrVersion4.10:bd01/08/2013:svnTOSHIBA:pnSATELLITER850:pvrPT52HE-01800KY4:rvnTOSHIBA:rnPortablePC:rvrVersionA0:cvnTOSHIBA:ct10:cvrVersion1.0:
  dmi.product.name: SATELLITE R850
  dmi.product.version: PT52HE-01800KY4
  dmi.sys.vendor: TOSHIBA
  mtime.conffile..etc.modprobe.d.alsa-base.conf: 2016-04-30T19:35:18.019830

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/1577027/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1573715] Re: package libperl5.22 5.22.1-9 failed to install/upgrade: intentando sobreescribir el compartido `/usr/share/doc/libperl5.22/changelog.Debian.gz', que es distinto de o

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to perl in Ubuntu.
https://bugs.launchpad.net/bugs/1573715

Title:
  package libperl5.22 5.22.1-9 failed to install/upgrade: intentando
  sobreescribir el compartido
  `/usr/share/doc/libperl5.22/changelog.Debian.gz', que es distinto de
  otras instancias del paquetes libperl5.22:i386

Status in perl package in Ubuntu:
  New

Bug description:
  problem with update

  ProblemType: Package
  DistroRelease: Ubuntu 16.04
  Package: libperl5.22 5.22.1-9
  ProcVersionSignature: Ubuntu 4.4.0-21.37-generic 4.4.6
  Uname: Linux 4.4.0-21-generic x86_64
  ApportVersion: 2.20.1-0ubuntu2
  Architecture: amd64
  Date: Fri Apr 22 19:03:32 2016
  DpkgTerminalLog:
   Preparando para desempaquetar .../libperl5.22_5.22.1-9_i386.deb ...
   Desempaquetando libperl5.22:i386 (5.22.1-9) ...
   dpkg: error al procesar el archivo 
/var/cache/apt/archives/libperl5.22_5.22.1-9_i386.deb (--unpack):
intentando sobreescribir el compartido 
`/usr/share/doc/libperl5.22/changelog.Debian.gz', que es distinto de otras 
instancias del paquetes libperl5.22:i386
  ErrorMessage: intentando sobreescribir el compartido 
`/usr/share/doc/libperl5.22/changelog.Debian.gz', que es distinto de otras 
instancias del paquetes libperl5.22:i386
  RelatedPackageVersions:
   dpkg 1.18.4ubuntu1
   apt  1.2.10ubuntu1
  SourcePackage: perl
  Title: package libperl5.22 5.22.1-9 failed to install/upgrade: intentando 
sobreescribir el compartido `/usr/share/doc/libperl5.22/changelog.Debian.gz', 
que es distinto de otras instancias del paquetes libperl5.22:i386
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/perl/+bug/1573715/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1573451] Re: package systemd-sysv 229-4ubuntu4 failed to install/upgrade: pre-dependency problem - not installing systemd-sysv

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1573451

Title:
  package systemd-sysv 229-4ubuntu4 failed to install/upgrade: pre-
  dependency problem - not installing systemd-sysv

Status in systemd package in Ubuntu:
  New

Bug description:
  encountered a few errors while upgrading from 15.10 to 16.04. Then
  there was a message that there were too many errors and the upgrade
  process will be aborted but then nothing happened and after I
  restarted my laptop was running ubuntu 16.04. After logging in though
  numerous errors popped up on of which was the above.

  ProblemType: Package
  DistroRelease: Ubuntu 16.04
  Package: systemd-sysv 229-4ubuntu4
  ProcVersionSignature: Ubuntu 4.4.0-21.37-generic 4.4.6
  Uname: Linux 4.4.0-21-generic x86_64
  ApportVersion: 2.20.1-0ubuntu2
  Architecture: amd64
  Date: Fri Apr 22 17:00:03 2016
  ErrorMessage: pre-dependency problem - not installing systemd-sysv
  InstallationDate: Installed on 2016-04-12 (9 days ago)
  InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Release amd64 (20151021)
  RelatedPackageVersions:
   dpkg 1.18.4ubuntu1
   apt  1.2.10ubuntu1
  SourcePackage: systemd
  Title: package systemd-sysv 229-4ubuntu4 failed to install/upgrade: 
pre-dependency problem - not installing systemd-sysv
  UpgradeStatus: Upgraded to xenial on 2016-04-22 (0 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1573451/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1573527] Re: find a bug

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1573527

Title:
  find a bug

Status in xorg package in Ubuntu:
  New

Bug description:
  my laptop is getting hang very frequently

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: xorg 1:7.7+13ubuntu3
  ProcVersionSignature: Ubuntu 4.4.0-21.37-generic 4.4.6
  Uname: Linux 4.4.0-21-generic x86_64
  .tmp.unity_support_test.0:
   
  ApportVersion: 2.20.1-0ubuntu2
  Architecture: amd64
  CompizPlugins: No value set for 
`/apps/compiz-1/general/screen0/options/active_plugins'
  CompositorRunning: None
  Date: Fri Apr 22 16:07:58 2016
  DistUpgraded: Fresh install
  DistroCodename: xenial
  DistroVariant: ubuntu
  GraphicsCard:
   Intel Corporation Atom Processor Z36xxx/Z37xxx Series Graphics & Display 
[8086:0f31] (rev 0e) (prog-if 00 [VGA controller])
 Subsystem: Dell Atom Processor Z36xxx/Z37xxx Series Graphics & Display 
[1028:06ab]
  InstallationDate: Installed on 2016-04-22 (0 days ago)
  InstallationMedia: Ubuntu 16.04 LTS "Xenial Xerus" - Release amd64 
(20160420.1)
  MachineType: Dell Inc. Inspiron 3551
  ProcEnviron:
   LANGUAGE=en_IN:en
   PATH=(custom, no user)
   LANG=en_IN
   SHELL=/bin/bash
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.4.0-21-generic 
root=UUID=415ea77a-91b5-4b63-aa6d-6d8152b707cd ro quiet splash vt.handoff=7
  SourcePackage: xorg
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 12/05/2014
  dmi.bios.vendor: Dell Inc.
  dmi.bios.version: A00
  dmi.board.name: 0CMF7W
  dmi.board.vendor: Dell Inc.
  dmi.board.version: A00
  dmi.chassis.type: 8
  dmi.chassis.vendor: Dell Inc.
  dmi.chassis.version: Not Specified
  dmi.modalias: 
dmi:bvnDellInc.:bvrA00:bd12/05/2014:svnDellInc.:pnInspiron3551:pvrA00:rvnDellInc.:rn0CMF7W:rvrA00:cvnDellInc.:ct8:cvrNotSpecified:
  dmi.product.name: Inspiron 3551
  dmi.product.version: A00
  dmi.sys.vendor: Dell Inc.
  version.compiz: compiz 1:0.9.12.2+16.04.20160415-0ubuntu1
  version.ia32-libs: ia32-libs N/A
  version.libdrm2: libdrm2 2.4.67-1
  version.libgl1-mesa-dri: libgl1-mesa-dri 11.2.0-1ubuntu2
  version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A
  version.libgl1-mesa-glx: libgl1-mesa-glx 11.2.0-1ubuntu2
  version.xserver-xorg-core: xserver-xorg-core 2:1.18.3-1ubuntu2
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.10.1-1ubuntu2
  version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.7.0-1
  version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20160325-1ubuntu1
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 
1:1.0.12-1build2
  xserver.bootTime: Fri Apr 22 16:03:27 2016
  xserver.configfile: default
  xserver.errors:
   
  xserver.logfile: /var/log/Xorg.0.log
  xserver.outputs:
   product id1156 
   vendor LGD
  xserver.version: 2:1.18.3-1ubuntu2

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1573527/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1557248] Re: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code

[Marc Deslauriers]

** Also affects: openldap (Ubuntu Wily)
   Importance: Undecided
   Status: New

** Also affects: openldap (Ubuntu Yakkety)
   Importance: Medium
   Status: Confirmed

** Also affects: openldap (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Changed in: openldap (Ubuntu Wily)
   Status: New => Confirmed

** Changed in: openldap (Ubuntu Xenial)
   Status: New => Confirmed

** Changed in: openldap (Ubuntu Wily)
   Importance: Undecided => Medium

** Changed in: openldap (Ubuntu Xenial)
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1557248

Title:
  OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code

Status in openldap package in Ubuntu:
  Confirmed
Status in openldap source package in Wily:
  Confirmed
Status in openldap source package in Xenial:
  Confirmed
Status in openldap source package in Yakkety:
  Confirmed
Status in openldap package in Debian:
  New

Bug description:
  May I ask that you backport an upstream patch that resolves the issue
  of use-after-free in libldap that interferes with syncrepl, causing
  failures and segfaults.

  OpenLDAP commit: 283f3ae1713df449cc170965b311b19157f7b7ea
  Link: 
http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=283f3ae1713df449cc170965b311b19157f7b7ea
  Modifications to file: libraries/libldap/tls_g.c

  This problem affects openldap 2.4.41 (in Ubuntu wily), 2.4.42 (in Ubuntu 
xenial), as well as in 2.4.44 (current upstream stable version). More details 
are availble on OpenLDAP project bug tracker at:
  http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8385

  Thank you

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557248/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1557248] Re: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code

[Marc Deslauriers]

Thanks for the patched packages!

I've uploaded your changes to yakkety with a slight change in the
changelog to better describe the issue. I've also uploaded updates to
wily and xenial for processing by the SRU team. Thanks!


** Changed in: openldap (Ubuntu Yakkety)
   Status: Confirmed => Fix Committed

** Changed in: openldap (Ubuntu Wily)
   Status: Confirmed => In Progress

** Changed in: openldap (Ubuntu Xenial)
   Status: Confirmed => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1557248

Title:
  OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code

Status in openldap package in Ubuntu:
  Fix Committed
Status in openldap source package in Wily:
  In Progress
Status in openldap source package in Xenial:
  In Progress
Status in openldap source package in Yakkety:
  Fix Committed
Status in openldap package in Debian:
  New

Bug description:
  May I ask that you backport an upstream patch that resolves the issue
  of use-after-free in libldap that interferes with syncrepl, causing
  failures and segfaults.

  OpenLDAP commit: 283f3ae1713df449cc170965b311b19157f7b7ea
  Link: 
http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=283f3ae1713df449cc170965b311b19157f7b7ea
  Modifications to file: libraries/libldap/tls_g.c

  This problem affects openldap 2.4.41 (in Ubuntu wily), 2.4.42 (in Ubuntu 
xenial), as well as in 2.4.44 (current upstream stable version). More details 
are availble on OpenLDAP project bug tracker at:
  http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8385

  Thank you

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557248/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1557248] Re: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code

[Marc Deslauriers]

As per the SRU requirements, could you please update the bug description
with a testing procedure? See here for more information:

https://wiki.ubuntu.com/StableReleaseUpdates

Thanks!

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1557248

Title:
  OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code

Status in openldap package in Ubuntu:
  Fix Committed
Status in openldap source package in Wily:
  In Progress
Status in openldap source package in Xenial:
  In Progress
Status in openldap source package in Yakkety:
  Fix Committed
Status in openldap package in Debian:
  New

Bug description:
  May I ask that you backport an upstream patch that resolves the issue
  of use-after-free in libldap that interferes with syncrepl, causing
  failures and segfaults.

  OpenLDAP commit: 283f3ae1713df449cc170965b311b19157f7b7ea
  Link: 
http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=283f3ae1713df449cc170965b311b19157f7b7ea
  Modifications to file: libraries/libldap/tls_g.c

  This problem affects openldap 2.4.41 (in Ubuntu wily), 2.4.42 (in Ubuntu 
xenial), as well as in 2.4.44 (current upstream stable version). More details 
are availble on OpenLDAP project bug tracker at:
  http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8385

  Thank you

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557248/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1512781] Re: CVE-2015-5602 - Unauthorized Privilege Escalation

[Marc Deslauriers]

Xenial now has 1.8.16, marking released.

** Changed in: sudo (Ubuntu Xenial)
   Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1512781

Title:
  CVE-2015-5602 - Unauthorized Privilege Escalation

Status in sudo:
  Unknown
Status in sudo package in Ubuntu:
  Fix Released
Status in sudo source package in Precise:
  Confirmed
Status in sudo source package in Trusty:
  Confirmed
Status in sudo source package in Vivid:
  Confirmed
Status in sudo source package in Wily:
  Confirmed
Status in sudo source package in Xenial:
  Fix Released
Status in sudo package in Debian:
  Fix Released

Bug description:
  https://www.exploit-db.com/exploits/37710/

  As descpribed in the link above, sudo versions lower or equal than
  1.8.14 have a security issue: user with root access to a path with
  more than one wildcard can access forbidden files such as /etc/shadow,
  because sudoedit (sudo -e) does not verifiy full path of accessed
  file:

  (quote from link above)

  It seems that sudoedit does not check the full path if a wildcard is used
  twice (e.g. /home/*/*/file.txt), allowing a malicious user to replace the
  file.txt real file with a symbolic link to a different location (e.g.
  /etc/shadow).

  As an expample,

  1. Give user `usr' right to edit some his files:

  usr ALL=(root) NOPASSWD: sudoedit /home/*/*/test.txt

  2. Under usr, create ~/temp directory, and then create a symblink
  ~/temp/test.txt to /etc/shadow

  3. Perform sudoedit ~/temp/test.txt - you will able to access
  /etc/shadow.

  What realease is affected: tested on all supported now Ubuntu
  versions. For personaly me, it's 14.04 LTS.

  What version is affected: as mentioned, all versions <=1.8.14. For
  personally me, it's 1.8.9p5

  What was expected and happend instead: sudoedit should check full real
  path, but it didn't.

To manage notifications about this bug go to:
https://bugs.launchpad.net/sudo/+bug/1512781/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1570394] Re: Missing GTE CyberTrust Global Root in trusty-updates repo

[Marc Deslauriers]

Which eclipse package are you using, and what site are you accessing
that is giving the error?

** Changed in: ca-certificates (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1570394

Title:
  Missing GTE CyberTrust Global Root in trusty-updates repo

Status in ca-certificates package in Ubuntu:
  Incomplete

Bug description:
  Hi,

  I noticed that my Eclipse keeps asking about eclipse.org certificate
  that has subj CA. I found that it is completely missing in my system.
  Still the interesting thing that makes me think this is a kind of a
  bug that the ca-certificates package from trusty-security *has* this
  certificate, while the one located at trusty-updates hasn't. Otherwise
  these packages have the same version. There are also other differences
  in certificate list.

  Probably some build time bug.

  Compare files at http://packages.ubuntu.com/trusty-updates/all/ca-
  certificates/filelist and http://packages.ubuntu.com/trusty/all/ca-
  certificates/filelist

  Ubuntu release:
  Description:Ubuntu 14.04.4 LTS
  Release:14.04

  package details:
  ca-certificates:
Installed: 20160104ubuntu0.14.04.1
Candidate: 20160104ubuntu0.14.04.1
Version table:
   *** 20160104ubuntu0.14.04.1 0
  500 http://archive.ubuntu.com/ubuntu/ trusty-updates/main amd64 
Packages
  500 http://security.ubuntu.com/ubuntu/ trusty-security/main amd64 
Packages
  100 /var/lib/dpkg/status
   20130906ubuntu2 0
  500 http://archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages

  /Alex

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1570394/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1570394] Re: Missing GTE CyberTrust Global Root in trusty-updates repo

[Marc Deslauriers]

That link shows the contents of the original ca-certificates package
that shipped with trusty, not the one from trusty-security.

Closing this bug. Thanks!

** Changed in: ca-certificates (Ubuntu)
   Status: Incomplete => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1570394

Title:
  Missing GTE CyberTrust Global Root in trusty-updates repo

Status in ca-certificates package in Ubuntu:
  Invalid

Bug description:
  Hi,

  I noticed that my Eclipse keeps asking about eclipse.org certificate
  that has subj CA. I found that it is completely missing in my system.
  Still the interesting thing that makes me think this is a kind of a
  bug that the ca-certificates package from trusty-security *has* this
  certificate, while the one located at trusty-updates hasn't. Otherwise
  these packages have the same version. There are also other differences
  in certificate list.

  Probably some build time bug.

  Compare files at http://packages.ubuntu.com/trusty-updates/all/ca-
  certificates/filelist and http://packages.ubuntu.com/trusty/all/ca-
  certificates/filelist

  Ubuntu release:
  Description:Ubuntu 14.04.4 LTS
  Release:14.04

  package details:
  ca-certificates:
Installed: 20160104ubuntu0.14.04.1
Candidate: 20160104ubuntu0.14.04.1
Version table:
   *** 20160104ubuntu0.14.04.1 0
  500 http://archive.ubuntu.com/ubuntu/ trusty-updates/main amd64 
Packages
  500 http://security.ubuntu.com/ubuntu/ trusty-security/main amd64 
Packages
  100 /var/lib/dpkg/status
   20130906ubuntu2 0
  500 http://archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages

  /Alex

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1570394/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1570394] Re: Missing GTE CyberTrust Global Root in trusty-updates repo

[Marc Deslauriers]

That certificate is not going to be added back. I suggest filing a bug
with Eclipse so that they sign using a different CA, especially since
that one expires in 2018.

The package in trusty-security doesn't contain this certificate. I'm not sure 
why you believe it does.
trusty-updates and trusty-security contain the exact same package.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1570394

Title:
  Missing GTE CyberTrust Global Root in trusty-updates repo

Status in ca-certificates package in Ubuntu:
  Incomplete

Bug description:
  Hi,

  I noticed that my Eclipse keeps asking about eclipse.org certificate
  that has subj CA. I found that it is completely missing in my system.
  Still the interesting thing that makes me think this is a kind of a
  bug that the ca-certificates package from trusty-security *has* this
  certificate, while the one located at trusty-updates hasn't. Otherwise
  these packages have the same version. There are also other differences
  in certificate list.

  Probably some build time bug.

  Compare files at http://packages.ubuntu.com/trusty-updates/all/ca-
  certificates/filelist and http://packages.ubuntu.com/trusty/all/ca-
  certificates/filelist

  Ubuntu release:
  Description:Ubuntu 14.04.4 LTS
  Release:14.04

  package details:
  ca-certificates:
Installed: 20160104ubuntu0.14.04.1
Candidate: 20160104ubuntu0.14.04.1
Version table:
   *** 20160104ubuntu0.14.04.1 0
  500 http://archive.ubuntu.com/ubuntu/ trusty-updates/main amd64 
Packages
  500 http://security.ubuntu.com/ubuntu/ trusty-security/main amd64 
Packages
  100 /var/lib/dpkg/status
   20130906ubuntu2 0
  500 http://archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages

  /Alex

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1570394/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1570394] Re: Missing GTE CyberTrust Global Root in trusty-updates repo

[Marc Deslauriers]

The GTE CyberTrust Global Root certificate was removed by the following
security update:

http://www.ubuntu.com/usn/usn-2913-1/

Here is some more information on why that CA was removed:
https://blog.mozilla.org/security/2015/01/28/phase-2-phasing-out-certificates-with-1024-bit-rsa-keys/
https://bugzilla.mozilla.org/show_bug.cgi?id=1047011

The filelist links you provided above compare the original version of
ca-certificates with the one in trusty-updates, which is why you're
seeing the missing CA.


** Bug watch added: Mozilla Bugzilla #1047011
   https://bugzilla.mozilla.org/show_bug.cgi?id=1047011

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1570394

Title:
  Missing GTE CyberTrust Global Root in trusty-updates repo

Status in ca-certificates package in Ubuntu:
  Incomplete

Bug description:
  Hi,

  I noticed that my Eclipse keeps asking about eclipse.org certificate
  that has subj CA. I found that it is completely missing in my system.
  Still the interesting thing that makes me think this is a kind of a
  bug that the ca-certificates package from trusty-security *has* this
  certificate, while the one located at trusty-updates hasn't. Otherwise
  these packages have the same version. There are also other differences
  in certificate list.

  Probably some build time bug.

  Compare files at http://packages.ubuntu.com/trusty-updates/all/ca-
  certificates/filelist and http://packages.ubuntu.com/trusty/all/ca-
  certificates/filelist

  Ubuntu release:
  Description:Ubuntu 14.04.4 LTS
  Release:14.04

  package details:
  ca-certificates:
Installed: 20160104ubuntu0.14.04.1
Candidate: 20160104ubuntu0.14.04.1
Version table:
   *** 20160104ubuntu0.14.04.1 0
  500 http://archive.ubuntu.com/ubuntu/ trusty-updates/main amd64 
Packages
  500 http://security.ubuntu.com/ubuntu/ trusty-security/main amd64 
Packages
  100 /var/lib/dpkg/status
   20130906ubuntu2 0
  500 http://archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages

  /Alex

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1570394/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1575239] Re: sudo sssd ldap segmentation fault

[Marc Deslauriers]

This may be a dupe of bug 1565567.

Have you tried the sudo package in xenial-proposed? (1.8.16-0ubuntu1.1)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1575239

Title:
  sudo sssd ldap segmentation fault

Status in sudo package in Ubuntu:
  Confirmed

Bug description:
  This seems to be comparable to this bug: 
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1327268
  The same situation with the same results but in 16.04 Xenial Release - 
sudo_1.8.16-0ubuntu1_amd64.deb.

  The problem is resolved by installing the Trusty sudo package -
  sudo_1.8.9p5-1ubuntu1.1_amd64.deb.

  This problem does not exist if sssd is not installed.

  lsb_release -rd
  Description:  Ubuntu 16.04 LTS
  Release:  16.04

  apt-cache policy sudo
  sudo:
    Installed: 1.8.16-0ubuntu1
    Candidate: 1.8.16-0ubuntu1
    Version table:
   *** 1.8.16-0ubuntu1 500
  500 ftp://ls-mirror.csir.co.za/mirrors/ubuntu/repositories/xenial 
xenial/main amd64 Packages
  100 /var/lib/dpkg/status

  The local repo is built from archive.ubuntu.com via debmirror.
  All updates installed.

  Expected result:
  sudo -l to show sudo permissions

  Received result:
  Segmentation fault (core dumped)

  /var/log/syslog:
  Apr 26 17:17:24 cstrydom-vm1 kernel: [  709.535083] sudo[10116]: segfault at 
0 ip 7fa7a7aac944 sp 7ffe547c4458 error 4 in 
sudoers.so[7fa7a7a8+4b000]

  gdb output:
  Starting program: /usr/bin/sudo
  [Thread debugging using libthread_db enabled]
  Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
  sudo: effective uid is not 0, is /usr/bin/sudo on a file system with the 
'nosuid' option set or an NFS file system without root privileges?
  [Inferior 1 (process 4911) exited with code 01]

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1575239/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1565567] Re: segv in sudo_getgrgid

[Marc Deslauriers]

Don't worry about it, I changed it back. :)

** Changed in: sudo (Ubuntu Xenial)
   Status: Fix Released => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1565567

Title:
  segv in sudo_getgrgid

Status in sudo:
  Unknown
Status in sudo package in Ubuntu:
  Fix Released
Status in sudo source package in Xenial:
  Fix Committed

Bug description:
  [Impact]

  In certain environments, for example when using LDAP, users can end up
  in a group with no name. When that happens, sudo crashes when
  attempting to look up the group name for the debug log.

  Upstream has commited a simple fix for this issue, it has been
  commited to Yakkety, and uploaded to Xenial.

  [Test Case]

  I currently don't know an easy way to reproduce this, it is
  environment-specific. A package containing the fix was successfully
  tested in the problematic environment.

  [Regression Potential]

  A regression in the patch would prevent users from using sudo. The
  risk of regression is low since the patch only changes the debug log.


  Original report:

  If the user is in a group with no name (because libnss-db got removed
  and the group was defined there, for example...) then:

  the call to sudo_debug_printf in sudo_getgrgid
  (plugins/sudoers/pwutil.c, line 462) causes a SEGV when trying to get
  item->d.gr->gr_name (since item->d.gr is NULL).

To manage notifications about this bug go to:
https://bugs.launchpad.net/sudo/+bug/1565567/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1575239] Re: sudo sssd ldap segmentation fault

[Marc Deslauriers]

*** This bug is a duplicate of bug 1565567 ***
https://bugs.launchpad.net/bugs/1565567

Thanks for testing it. Could you please add a comment to bug 1565567
that you tested it successfully? Thanks!

** This bug has been marked a duplicate of bug 1565567
   segv in sudo_getgrgid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1575239

Title:
  sudo sssd ldap segmentation fault

Status in sudo package in Ubuntu:
  Confirmed

Bug description:
  This seems to be comparable to this bug: 
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1327268
  The same situation with the same results but in 16.04 Xenial Release - 
sudo_1.8.16-0ubuntu1_amd64.deb.

  The problem is resolved by installing the Trusty sudo package -
  sudo_1.8.9p5-1ubuntu1.1_amd64.deb.

  This problem does not exist if sssd is not installed.

  lsb_release -rd
  Description:  Ubuntu 16.04 LTS
  Release:  16.04

  apt-cache policy sudo
  sudo:
    Installed: 1.8.16-0ubuntu1
    Candidate: 1.8.16-0ubuntu1
    Version table:
   *** 1.8.16-0ubuntu1 500
  500 ftp://ls-mirror.csir.co.za/mirrors/ubuntu/repositories/xenial 
xenial/main amd64 Packages
  100 /var/lib/dpkg/status

  The local repo is built from archive.ubuntu.com via debmirror.
  All updates installed.

  Expected result:
  sudo -l to show sudo permissions

  Received result:
  Segmentation fault (core dumped)

  /var/log/syslog:
  Apr 26 17:17:24 cstrydom-vm1 kernel: [  709.535083] sudo[10116]: segfault at 
0 ip 7fa7a7aac944 sp 7ffe547c4458 error 4 in 
sudoers.so[7fa7a7a8+4b000]

  gdb output:
  Starting program: /usr/bin/sudo
  [Thread debugging using libthread_db enabled]
  Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
  sudo: effective uid is not 0, is /usr/bin/sudo on a file system with the 
'nosuid' option set or an NFS file system without root privileges?
  [Inferior 1 (process 4911) exited with code 01]

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1575239/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1585614] Re: PHP Update on 2016-05-25 causes Apache not to restart, libm.so.6: symbol __strtold_nan, version GLIBC_PRIVATE not defined in file libc.so.6 with link time reference

[Marc Deslauriers]

I suspect this is caused by the eglibc update, not the php5 update.
Reassigning bug.

** Package changed: php5 (Ubuntu) => eglibc (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to eglibc in Ubuntu.
https://bugs.launchpad.net/bugs/1585614

Title:
  PHP Update on 2016-05-25 causes Apache not to restart, libm.so.6:
  symbol __strtold_nan, version GLIBC_PRIVATE not defined in file
  libc.so.6 with link time reference

Status in eglibc package in Ubuntu:
  Confirmed

Bug description:
  This morning I applied the following updates to Ubuntu 12.04
  webservers:

  The following packages are currently pending an upgrade:

   apt 0.8.16~exp12ubuntu10.27
   apt-transport-https 0.8.16~exp12ubuntu10.27
   apt-utils 0.8.16~exp12ubuntu10.27
   libapache2-mod-php5 5.3.10-1ubuntu3.23
   libapt-inst1.4 0.8.16~exp12ubuntu10.27
   libapt-pkg4.12 0.8.16~exp12ubuntu10.27
   php5-cli 5.3.10-1ubuntu3.23
   php5-common 5.3.10-1ubuntu3.23
   php5-curl 5.3.10-1ubuntu3.23
   php5-dev 5.3.10-1ubuntu3.23
   php5-gd 5.3.10-1ubuntu3.23
   php5-mysql 5.3.10-1ubuntu3.23
   php-pear 5.3.10-1ubuntu3.23

  Apache fails to restart, siting error:

  apache2: Syntax error on line 212 of /etc/apache2/apache2.conf: Syntax
  error on line 1 of /etc/apache2/mods-enabled/php5.load: Cannot load
  /usr/lib/apache2/modules/libphp5.so into server: /lib/x86_64-linux-
  gnu/libm.so.6: symbol __strtold_nan, version GLIBC_PRIVATE not defined
  in file libc.so.6 with link time reference

  Into file /var/log/apache2/error.log

  Looks like I am trying to roll back all those php packages... Which I
  see several updates marked Security Update in the changelogs, thus
  checking the "security vulnerability" box as rolling back in this case
  is such. :-(

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/1585614/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1602680] Re: ecryptfs not work with libnss3/libnss3-1d Version 2:3.23-0ubuntu0.12.04.1

[Marc Deslauriers]

FYI, I couldn't reproduce this earlier either.

I installed a new Ubuntu 12.04.5 VM with encrypted home, and was able to
successfully upgrade to the newer nss without any issues.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to nss in Ubuntu.
https://bugs.launchpad.net/bugs/1602680

Title:
  ecryptfs not work with libnss3/libnss3-1d Version
  2:3.23-0ubuntu0.12.04.1

Status in nss package in Ubuntu:
  New

Bug description:
  After updating libnss3 and libnss3-1d from 2:3.21-0ubuntu0.12.04.3 to
  2:3.23-0ubuntu0.12.04.1 last night it is not longer possible to mount
  my home directory encrypted with ecryptfs.

  Automatic by login or with ecryptfs-recover-private or else not work.

  After downgrade to Version 2:3.21-0ubuntu0.12.04.3 if works fine.

  syslog:

  Jul 13 01:29:36 Michael-Thinkpad-X121e-SSD 
ecryptfs-insert-wrapped-passphrase-into-keyring: do_hash: PK11_HashBuf() error; 
SECFailure = [-1]; PORT_GetError() = [-8128]
  Jul 13 01:29:36 Michael-Thinkpad-X121e-SSD 
ecryptfs-insert-wrapped-passphrase-into-keyring: Error generating passphrase 
signature; rc = [-22]
  Jul 13 01:29:36 Michael-Thinkpad-X121e-SSD 
ecryptfs-insert-wrapped-passphrase-into-keyring: Error attempting to unwrap 
passphrase from file [/home/michael/.ecryptfs/wrapped-passphrase]; rc = [-22]

  
-

  lsb_release -rd

  Description:  Ubuntu 12.04.5 LTS
  Release:  12.04


  apt-cache policy libnss3 libnss3-1d after downgrade to previous
  version

  libnss3:
Installiert: 2:3.21-0ubuntu0.12.04.3
Kandidat:2:3.23-0ubuntu0.12.04.1
Versionstabelle:
   2:3.23-0ubuntu0.12.04.1 0
  500 http://archive.ubuntu.com/ubuntu/ precise-updates/main amd64 
Packages
  500 http://archive.ubuntu.com/ubuntu/ precise-security/main amd64 
Packages
   *** 2:3.21-0ubuntu0.12.04.3 0
  100 /var/lib/dpkg/status
   3.13.1.with.ckbi.1.88-1ubuntu6 0
  500 http://archive.ubuntu.com/ubuntu/ precise/main amd64 Packages
  libnss3-1d:
Installiert: 2:3.21-0ubuntu0.12.04.3
Kandidat:2:3.23-0ubuntu0.12.04.1
Versionstabelle:
   2:3.23-0ubuntu0.12.04.1 0
  500 http://archive.ubuntu.com/ubuntu/ precise-updates/main amd64 
Packages
  500 http://archive.ubuntu.com/ubuntu/ precise-security/main amd64 
Packages
   *** 2:3.21-0ubuntu0.12.04.3 0
  100 /var/lib/dpkg/status
   3.13.1.with.ckbi.1.88-1ubuntu6 0
  500 http://archive.ubuntu.com/ubuntu/ precise/main amd64 Packages

  I have marked the bug as security vulnerability because

  I must use older version they be more unsafe than the new one to work
  with my laptop.

  Unfortunately I go to holiday tomorrow. I'll be back at next monday
  18. July 2016

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1602680/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1604500] Re: please merge keyutils from Debian

[Marc Deslauriers]

OK, I'll try a plain sync, and if that fails, I'll upload your merge.
Thanks!

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to keyutils in Ubuntu.
https://bugs.launchpad.net/bugs/1604500

Title:
  please merge keyutils from Debian

Status in keyutils package in Ubuntu:
  New

Bug description:
  attached debdiff, build ongoing @costamagnagianfranco/locutusofborg-
  ppa

  BTW I would try a plain sync, just to check if the testsuite is good
  or not with new kernel

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/keyutils/+bug/1604500/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1604500] Re: please merge keyutils from Debian

[Marc Deslauriers]

** Changed in: keyutils (Ubuntu)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to keyutils in Ubuntu.
https://bugs.launchpad.net/bugs/1604500

Title:
  please merge keyutils from Debian

Status in keyutils package in Ubuntu:
  Fix Committed

Bug description:
  attached debdiff, build ongoing @costamagnagianfranco/locutusofborg-
  ppa

  BTW I would try a plain sync, just to check if the testsuite is good
  or not with new kernel

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/keyutils/+bug/1604500/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1567670] Re: you can drop nssdb integration

[Marc Deslauriers]

yakkety sync dropped the delta. Marking as fix released.

** Changed in: nss (Ubuntu)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to nss in Ubuntu.
https://bugs.launchpad.net/bugs/1567670

Title:
  you can drop nssdb integration

Status in nss package in Ubuntu:
  Fix Released

Bug description:
  Hi, freeipa-client doesn't need /etc/pki/nssdb anymore but uses it's
  own db (/etc/ipa/nssdb) by now, so you can drop the delta to debian
  from xenial and up at least.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1567670/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1589288] Re: python3.4 package missing threading module in trusty-security

[Marc Deslauriers]

I can't reproduce this issue at all. The threading module definitely is
in the libpython3.4-stdlib package, for both the release pocket, and the
-security pocket:

$ dpkg -c libpython3.4-stdlib_3.4.0-2ubuntu1_amd64.deb | grep threading.py
-rw-r--r-- root/root 48898 2014-04-11 10:13 ./usr/lib/python3.4/threading.py
-rw-r--r-- root/root  2815 2014-04-11 10:13 
./usr/lib/python3.4/dummy_threading.py

$ dpkg -c libpython3.4-stdlib_3.4.0-2ubuntu1.1_amd64.deb | grep threading.py
-rw-r--r-- root/root  2815 2015-06-19 11:33 
./usr/lib/python3.4/dummy_threading.py
-rw-r--r-- root/root 48898 2015-06-19 11:33 ./usr/lib/python3.4/threading.py

I've attempted to reproduce using the steps in the bug description, but
it's working fine for me in a newly-installed trusty VM.

I'm not sure why you're seeing this issue. Your log file seems to
indicate you have the libpython3.4-stdlib package installed, but the
threading.py file is missing in your /usr/lib/python3.4 directory. That
seems to be an issue in your environment, as that file is definitely in
the package.

Are you able to reproduce this with a cleanly installed VM?

** Changed in: python3.4 (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to python3.4 in Ubuntu.
https://bugs.launchpad.net/bugs/1589288

Title:
  python3.4 package missing threading module in trusty-security

Status in python3.4 package in Ubuntu:
  Incomplete

Bug description:
  Someone forgot to add threading.py module in
  libpython3.4-mininal_3.4.0-2ubuntu1.1 package. I fail when trying to
  work with python3.4 in trusty-security environment.

  How to reproduce:
  1. Install new Ubuntu Trusty WITHOUT online updates or downgrade all packages 
to trusty-security.
  2. Disable *-updates repositories, update apt cache:
  # sed -i -e'/-updates/s/^/# /' /etc/apt/sources.list && apt-get update
  3. Upgrade python3 packages:
  # apt-get install python3 python3-minimal python3.4 python3.4-minimal 
libpython3.4-minimal libpython3.4-stdlib
  4. Try to import threading module (will fail):
  # python3 -c 'import threading'
  Traceback (most recent call last):
    File "", line 1, in 
  ImportError: No module named 'threading'

  Without threading.py `pip3 install` and `add-apt-repository` will
  fail. Extended terminal output (including apt-cache policy) is in
  python3.4_trusty_bug_terminal_output.txt . This problem has occured in
  https://bugs.launchpad.net/ubuntu/+source/python3.4/+bug/1503382/comments/4
  , but hasn't been articulated or resolved.

  I compared packages in security and updates and found significant 
differencies:
  1. [debian/pymindeps.py] subprocess key in excluded_imports is threading in 
security and dummy_threading in updates.
  2. [debian/PVER-minimal.README.Debian.in] Information about threading module 
differs.

  I made patch libpython3.4-minimal_3.4.0-2ubuntu1.1custompatch1.patch
  and applied to python3.4_3.4.0-2ubuntu1.1 . The result is available in
  https://launchpad.net/~bugchecker/+archive/ubuntu/python3-threading-
  trusty-sec . This patch may be incorrect but it works for me.

  Also I attached docker context for any experiments.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python3.4/+bug/1589288/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1592862] Re: Merge e2fsprogs from Debian 1.43.1-1

[Marc Deslauriers]

This bug was fixed in the package e2fsprogs - 1.43.1-1

---
e2fsprogs (1.43.1-1) unstable; urgency=medium

  * New upstream version
  * Fix the Direct I/O fallback code in the Unix I/O manager so it
implements read-modify-write correctly.
  * The mke2fs program will now warn if the user specifies a label which
is too long.  (Closes: #791630)
  * Clean up various man pages (Closes: #766379, #761144, #770750,
#428361, #766127)
  * Fix bug so that debugfs's rdump command works on the root directory
(Closes: #766125)
  * Fix various Debian packaging issues (Closes: #825868)
  * Build fully security hardened binaries

 -- Theodore Y. Ts'o   Tue, 07 Jun 2016 23:09:55 -0400

e2fsprogs (1.43-3) unstable; urgency=medium

  * Fix various debian packaging nits
  * Fix spelling mistakes in the copyright files
  * Fix various spelling mistakes in man pages
  * Fix project quota bugs in e2fsck and mke2fs
  * Build binaries with hardening support
  * Improve e2fsck messages when the journal superblock is corrupt and
the user declines to fix the journal.  (Closes: #768162)
  * Fix debugfs's handling of "set_bg  checksum calc" on 64-bit file
systems.
  * Simplify the debian rules file

 -- Theodore Y. Ts'o   Wed, 25 May 2016 00:51:33 -0400

e2fsprogs (1.43-2) unstable; urgency=medium

  * Update watch file to check for the GPG signatures
  * Use dh_update_autotools_control to update config.{guess,sub}
automatically when building the package.
  * Only try to run update-initramfs if it exists
  * Transition to dbgsym packages

 -- Theodore Y. Ts'o   Fri, 20 May 2016 14:07:40 -0400

e2fsprogs (1.43-1) unstable; urgency=medium

  * New upstream version
  * Fix or improve offset support in mke2fs, e2undo, and libext2fs
  * Update debian policy version to 3.9.8

 -- Theodore Y. Ts'o   Tue, 17 May 2016 01:04:28 -0400

e2fsprogs (1.43~WIP.2016.03.15-2) sid; urgency=low

  * Fix FTBFS on big-endian systems

 -- Theodore Y. Ts'o   Thu, 17 Mar 2016 22:55:52 -0400

e2fsprogs (1.43~WIP.2016.05.12-1) unstable; urgency=medium

  * New upstream version
  * Clean up various man pages and usage messages
  * Fix up gcc and Coverity warnings
  * Stop building static binaries using dietlibc
  * Fix potential out-of-boundary memory access in resize2fs
  * Fix sparse_super2 bugs in mke2fs and resize2fs
  * The mke2fs program will now support multiple -O options
  * The e2image program now ignores checksum error so that debugging
snapshots of a file system can be taken of a broken file system
  * E2fsck now more cleanly handles checksum errors while replaying the
journal
  * Fix e2fsck to not try to set a UUID if the metadata_csum feature is
enabled since this will break the checksums
  * Fix e2image so progress information won't get leaked to stdout
  * Fix bugs in "mke2fs -E offset=" (Closes: #803629)
  * Fix Hurd portability issues (Closes: #822576)
  * Update initramfs in e2fsprogs's postinst script so the initial
ramdisk gets the updated e2fsprogs binaries (Closes: #804237)
  * Work around texi2dvi bug which can cause build failures (Closes: #87)
  * E2fsck now prints "REBOOT SYSTEM" instead of "REBOOT LINUX" to
assuage the sensibilities of Hurd users (Closes: #769838)

 -- Theodore Y. Ts'o   Thu, 12 May 2016 00:18:45 -0400

e2fsprogs (1.43~WIP.2016.03.15-1) unstable; urgency=low

  * New upstream release
  * Fix resize2fs bug that could leave block allocation bitmaps
uninitialized
  * The tune2fs program will ask the user for confirmation before
starting dangerous operations if the terminal is available, and it
will replay the journal if necessary
  * Fix a bug which in rare cases would cause e2fsck -fD to corrupt an
extent-mapped directory.
  * E2fsck will now check for extent mapped inodes with no extent header
and clear them if found
  * E2fsck now checks to make sure the extended attribute header doesn't
result in the xattr extending beyond the bounds of the inode
  * Teach mke2fs to parse a human-readable argument for -i option
  * Teach mke2fs to automatically handle creating file systems > 500T by
automatically enable the meta_bg feature
  * Mke2fs will now prompt for user verification before rewriting a file
system's superblock using the -S option
  * Mke2fs no longer complains if the user tries to create a file system
using the entire block device (e.g., without using a partition).
The minor number convention is not used by all block devices, and
it's quite normal in some circumstances to create a file system
on /dev/sdc instead of /dev/sdc1
  * Debugfs now can properly display and set extended timestamps
  * Add an ext2/3/4 FUSE server
  * Fix an "mke2fs -d" bug which could create inodes with invalid
extended attribute blocks
  * Fix miscellaneous file encryption bugs
  * Fix miscellaneous MMP bugs in debugfs
  * The e2fsck 

[Touch-packages] [Bug 1599949] Re: NetworkManager Sets Wrong DNS Server When OpenVPN tun0 starts if ipv6 on underlying interface in Ubuntu 16.04

[Marc Deslauriers]

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1599949

Title:
  NetworkManager Sets Wrong DNS Server When OpenVPN tun0 starts if ipv6
  on underlying interface in Ubuntu 16.04

Status in network-manager package in Ubuntu:
  New

Bug description:
  In Ubuntu 16.04 when I start an OpenVPN tunnel via the NetworkManager
  GUI over an outer interface for which only IPv4 is configured, only
  the DNS server that is reachable through the new tun0 interface is
  configured by network manager. This is correct, no DNS leakage outside
  the tunnel occurs.

  However, if I start OpenVPN and use an outer interface (over which
  tun0 flows) that has both IPv4 and IPv6 configured, the NetworkManager
  reports the DNS server of the outer interface and the DNS server of
  the tun0 interface to dnsmasq/resolvconf. This leads to DNS leakage
  outside tun0 and is a security issue as DNS queries are done inside
  and outside the tunnel. Here's the interesting part in syslog:

  -

  
  Jul  7 20:02:40 wlm NetworkManager[4694]:   [1467914560.9893] device 
(tun0): failed to disable userspace IPv6LL address handling
  Jul  7 20:02:40 wlm NetworkManager[4694]:   [1467914560.9897] device 
(tun0): state change: ip-config -> ip-check (reason 'none') [70 80 0]
  Jul  7 20:02:40 wlm NetworkManager[4694]:   [1467914560.9913] device 
(tun0): state change: ip-check -> secondaries (reason 'none') [80 90 0]
  Jul  7 20:02:40 wlm NetworkManager[4694]:   [1467914560.9917] device 
(tun0): state change: secondaries -> activated (reason 'none') [90 100 0]
  Jul  7 20:02:40 wlm NetworkManager[4694]:   [1467914560.9963] policy: 
set 'tun0' (tun0) as default for IPv4 routing and DNS
  Jul  7 20:02:41 wlm NetworkManager[4694]:   [1467914560.9967] dns-mgr: 
Writing DNS information to /sbin/resolvconf
  Jul  7 20:02:41 wlm systemd[1]: Starting Network Manager Script Dispatcher 
Service...
  Jul  7 20:02:41 wlm dnsmasq[16825]: setting upstream servers from DBus

  Jul  7 20:02:41 wlm dnsmasq[16825]: using nameserver 10.8.0.1#53
  Jul  7 20:02:41 wlm dnsmasq[16825]: using nameserver 192.168.42.1#53

  Jul  7 20:02:41 wlm dbus[878]: [system] Successfully activated service 
'org.freedesktop.nm_dispatcher'
  Jul  7 20:02:41 wlm nm-dispatcher: req:1 'vpn-up' [tun0]: new request (1 
scripts)

  
  ---

  Only 10.8.0.1 should be configured at this point. 192.168.42.1 should
  NOT be configure (and is not if the outer interface is IPv4 only!

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1599949/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1599286] Re: gpg crashed with SIGABRT in g10_log_bug()

[Marc Deslauriers]

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gnupg in Ubuntu.
https://bugs.launchpad.net/bugs/1599286

Title:
  gpg crashed with SIGABRT in g10_log_bug()

Status in gnupg package in Ubuntu:
  New

Bug description:
  i was busyI don't knowwhat ppened

  ProblemType: Crash
  DistroRelease: Ubuntu 16.10
  Package: gnupg 1.4.20-1ubuntu3 [modified: usr/lib/gnupg/gpgkeys_curl 
usr/lib/gnupg/gpgkeys_hkp]
  ProcVersionSignature: Ubuntu 4.4.0-27.46-generic 4.4.13
  Uname: Linux 4.4.0-27-generic x86_64
  ApportVersion: 2.20.2-0ubuntu1
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Tue Jul  5 12:54:06 2016
  EcryptfsInUse: Yes
  ExecutablePath: /usr/bin/gpg
  InstallationDate: Installed on 2016-05-07 (59 days ago)
  InstallationMedia: Ubuntu 16.04 LTS "Xenial Xerus" - Alpha amd64 (20160307)
  ProcCmdline: gpg --import-options merge-only --with-colons --fixed-list-mode 
--with-fingerprint --with-fingerprint --with-key-data --list-public-keys
  Signal: 6
  SourcePackage: gnupg
  StacktraceTop:
   g10_log_bug (fmt=0x4d8ded "... this is a bug (%s:%d:%s)\n") at 
../../util/logger.c:241
   g10_log_bug0 (file=file@entry=0x4b4404 "../../g10/getkey.c", 
line=line@entry=2335, func=func@entry=0x4b4e48 <__FUNCTION__.8864> 
"merge_selfsigs") at ../../util/logger.c:249
   merge_selfsigs (keyblock=0xd9f0b0) at ../../g10/getkey.c:2335
   lookup (ctx=ctx@entry=0x7ffe63e66b20, 
ret_keyblock=ret_keyblock@entry=0x7ffe63e66b18, secmode=secmode@entry=0) at 
../../g10/getkey.c:2777
   get_pubkeyblock (keyid=keyid@entry=0x756a60) at ../../g10/getkey.c:470
  SystemImageInfo: Error: command ['system-image-cli', '-i'] failed with exit 
code 2:
  Title: gpg crashed with SIGABRT in g10_log_bug()
  UpgradeStatus: No upgrade log present (probably fresh install)
  UserGroups: adm audio cdrom dip lpadmin lxd plugdev pulse pulse-access 
sambashare sudo video

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnupg/+bug/1599286/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1600128] Re: package libgtk2.0-0 2.24.23-0ubuntu1 failed to install/upgrade: cannot copy extracted data for './usr/lib/i386-linux-gnu/libgtk-x11-2.0.so.0.2400.23' to '/usr/lib/i3

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gtk+2.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1600128

Title:
  package libgtk2.0-0 2.24.23-0ubuntu1 failed to install/upgrade: cannot
  copy extracted data for './usr/lib/i386-linux-
  gnu/libgtk-x11-2.0.so.0.2400.23' to '/usr/lib/i386-linux-
  gnu/libgtk-x11-2.0.so.0.2400.23.dpkg-new': unexpected end of file or
  stream

Status in gtk+2.0 package in Ubuntu:
  New

Bug description:
  install ipscan

  ProblemType: Package
  DistroRelease: Ubuntu 14.04
  Package: libgtk2.0-0 2.24.23-0ubuntu1
  ProcVersionSignature: Ubuntu 3.13.0-24.46-generic 3.13.9
  Uname: Linux 3.13.0-24-generic i686
  ApportVersion: 2.14.1-0ubuntu3
  Architecture: i386
  Date: Fri Jul  8 11:28:58 2016
  DuplicateSignature: package:libgtk2.0-0:2.24.23-0ubuntu1:cannot copy 
extracted data for './usr/lib/i386-linux-gnu/libgtk-x11-2.0.so.0.2400.23' to 
'/usr/lib/i386-linux-gnu/libgtk-x11-2.0.so.0.2400.23.dpkg-new': unexpected end 
of file or stream
  ErrorMessage: cannot copy extracted data for 
'./usr/lib/i386-linux-gnu/libgtk-x11-2.0.so.0.2400.23' to 
'/usr/lib/i386-linux-gnu/libgtk-x11-2.0.so.0.2400.23.dpkg-new': unexpected end 
of file or stream
  InstallationDate: Installed on 2009-04-13 (2643 days ago)
  InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release i386 (20140417)
  SourcePackage: gtk+2.0
  Title: package libgtk2.0-0 2.24.23-0ubuntu1 failed to install/upgrade: cannot 
copy extracted data for './usr/lib/i386-linux-gnu/libgtk-x11-2.0.so.0.2400.23' 
to '/usr/lib/i386-linux-gnu/libgtk-x11-2.0.so.0.2400.23.dpkg-new': unexpected 
end of file or stream
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gtk+2.0/+bug/1600128/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1608185] Re: dnsmasq uses many ports

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to dnsmasq in Ubuntu.
https://bugs.launchpad.net/bugs/1608185

Title:
  dnsmasq uses many ports

Status in dnsmasq package in Ubuntu:
  New

Bug description:
  The steps required to see that dnsmasq uses many ports are as follows:

1. Open the browser (e.g. Firefox)
2. Quickly open many websites on different tabs (3 websites are enough in 
my case)
3. The connection is slow, so it takes some time until it connects to the 
websites.
4. Before any connection to the website is made, execute:
  sudo netstat -veepa -n -W
   and the following ports will appear (some output was omitted for 
clarity):

  Proto Recv-Q Send-Q Local Address   Foreign Address State 
  User   Inode   PID/Program name
  tcp0  0 127.0.1.1:530.0.0.0:*   LISTEN
  0  44220   2983/dnsmasq
  udp0  0 0.0.0.0:75620.0.0.0:* 
  65534  47002   2983/dnsmasq
  udp0  0 0.0.0.0:48812   0.0.0.0:* 
  65534  48565   2983/dnsmasq
  udp0  0 0.0.0.0:20249   0.0.0.0:* 
  65534  46993   2983/dnsmasq
  udp0  0 0.0.0.0:41013   0.0.0.0:* 
  65534  46995   2983/dnsmasq
  udp0  0 127.0.1.1:530.0.0.0:* 
  0  44219   2983/dnsmasq
  udp0  0 0.0.0.0:57570   0.0.0.0:* 
  65534  49297   2983/dnsmasq
  udp0  0 0.0.0.0:20978   0.0.0.0:* 
  65534  48597   2983/dnsmasq
  udp0  0 0.0.0.0:17104   0.0.0.0:* 
  65534  48570   2983/dnsmasq
  udp0  0 0.0.0.0:48500.0.0.0:* 
  65534  46986   2983/dnsmasq
  udp0  0 0.0.0.0:62450   0.0.0.0:* 
  65534  48595   2983/dnsmasq
  udp0  0 0.0.0.0:10670.0.0.0:* 
  65534  46994   2983/dnsmasq
  udp0  0 0.0.0.0:13620   0.0.0.0:* 
  65534  47618   2983/dnsmasq
  udp0  0 0.0.0.0:97720.0.0.0:* 
  65534  47027   2983/dnsmasq
  udp0  0 0.0.0.0:54956   0.0.0.0:* 
  65534  48516   2983/dnsmasq
  udp0  0 0.0.0.0:38781   0.0.0.0:* 
  65534  48555   2983/dnsmasq
  udp0  0 0.0.0.0:30589   0.0.0.0:* 
  65534  46987   2983/dnsmasq
  udp0  0 0.0.0.0:30917   0.0.0.0:* 
  65534  47558   2983/dnsmasq

  The user 65534 is "nobody", By inspection of /etc/passwd:

  nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin

  
  I'm using Dnsmasq version 2.68 on Ubuntu 14.04.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1608185/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1512068] Re: Python ctypes.util , Shell Injection in find_library()

[Marc Deslauriers]

** Changed in: python2.7 (Ubuntu)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to python2.7 in Ubuntu.
https://bugs.launchpad.net/bugs/1512068

Title:
  Python ctypes.util , Shell Injection in find_library()

Status in Python:
  Fix Released
Status in python2.7 package in Ubuntu:
  Confirmed

Bug description:
  https://github.com/Legrandin/ctypes/issues/1

  The find_library() function can execute code when special chars like ;|`<>$ 
are in the name.
  The "os.popen()" calls in the util.py script should be replaced with 
"subprocess.Popen()".

  Demo Exploits for Linux :
  

  >>> from ctypes.util import find_library
  >>> find_library(";xeyes")# runs  xeyes 
  >>> find_library("|xterm")# runs terminal
  >>> find_library("")# runs gimp
  >>> find_library("$(nautilus)")  # runs filemanager
  >>> find_library(">test")   # creates, and if exists, 
erases a file "test"

   Traceback 

  >>> find_library("`xmessage hello`")# shows a message, press ctrl+c for 
Traceback
  ^CTraceback (most recent call last):
File "", line 1, in 
File "/usr/lib/python3.4/ctypes/util.py", line 244, in find_library
  return _findSoname_ldconfig(name) or _get_soname(_findLib_gcc(name))
File "/usr/lib/python3.4/ctypes/util.py", line 99, in _findLib_gcc
  trace = f.read()
  KeyboardInterrupt

  ProblemType: Bug
  DistroRelease: Ubuntu 15.10
  Package: libpython2.7-stdlib 2.7.10-4ubuntu1
  ProcVersionSignature: Ubuntu 4.2.0-16.19-generic 4.2.3
  Uname: Linux 4.2.0-16-generic x86_64
  ApportVersion: 2.19.1-0ubuntu4
  Architecture: amd64
  CurrentDesktop: XFCE
  Date: Sun Nov  1 10:34:38 2015
  InstallationDate: Installed on 2015-10-09 (22 days ago)
  InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Alpha amd64 (20151009)
  SourcePackage: python2.7
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/python/+bug/1512068/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1583388] Re: Information about Ubuntu system automatically written to iPod

[Marc Deslauriers]

** Information type changed from Private Security to Public Security

** Changed in: util-linux (Ubuntu)
   Status: New => Triaged

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to util-linux in Ubuntu.
https://bugs.launchpad.net/bugs/1583388

Title:
  Information about Ubuntu system automatically written to iPod

Status in util-linux package in Ubuntu:
  Triaged

Bug description:
  On Xubuntu 16.04, I connected an iPod Nano 5th Generation (8 GB) to my
  computer. After working on the files on the iPod from within the
  terminal for a while, I found that the almost 21 MB file
  /media/username/DEVICENAME/iPod_Control/iTunes/iTunesControl contained
  sensitive information about my Ubuntu system, such as my username,
  commands that I had run recently, commands that I had run a long time
  ago, the full paths of some of those commands, environment variables,
  my UID, and text that appeared in my terminal window (such as the
  prompt, which included a path that I was on; it even included ANSI
  escape sequences for the prompt).

  I've attached the output of `strings iTunesControl`, with my username,
  hostname, and the iPod device name changed.

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: mount 2.27.1-6ubuntu3
  ProcVersionSignature: Ubuntu 4.4.0-22.40-generic 4.4.8
  Uname: Linux 4.4.0-22-generic x86_64
  ApportVersion: 2.20.1-0ubuntu2
  Architecture: amd64
  CurrentDesktop: XFCE
  Date: Wed May 18 20:12:03 2016
  EcryptfsInUse: Yes
  InstallationDate: Installed on 2013-04-04 (1140 days ago)
  InstallationMedia: Lubuntu 12.10 "Quantal Quetzal" - Release amd64 
(20121017.1)
  SourcePackage: util-linux
  UpgradeStatus: Upgraded to xenial on 2016-03-25 (54 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/1583388/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1590163] Re: disable export grade ciphers

[Marc Deslauriers]

** Changed in: openssl (Ubuntu)
   Status: New => Confirmed

** Changed in: openssl (Ubuntu)
   Importance: Undecided => Wishlist

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1590163

Title:
  disable export grade ciphers

Status in openssl package in Ubuntu:
  Confirmed

Bug description:
  # System

  device: Aquaris BQ E4.5
  OS: Ubuntu 15.04, OTA-11 
  OpenSSL version:
$dpkg --list |grep libssl
  ii  libssl1.0.0:armhf1.0.1f-1ubuntu11.6   
  armhfSecure Sockets Layer toolkit 
- shared libraries

  
  # Observed behaviour

  OpenSSL provides export grade ciphers:

$openssl ciphers -v EXP
  EXP-EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH(512)  Au=RSA  Enc=DES(40)   Mac=SHA1 
export
  EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512)  Au=DSS  Enc=DES(40)   Mac=SHA1 
export
  EXP-ADH-DES-CBC-SHA SSLv3 Kx=DH(512)  Au=None Enc=DES(40)   Mac=SHA1 
export
  EXP-DES-CBC-SHA SSLv3 Kx=RSA(512) Au=RSA  Enc=DES(40)   Mac=SHA1 
export
  EXP-RC2-CBC-MD5 SSLv3 Kx=RSA(512) Au=RSA  Enc=RC2(40)   Mac=MD5  
export
  EXP-ADH-RC4-MD5 SSLv3 Kx=DH(512)  Au=None Enc=RC4(40)   Mac=MD5  
export
  EXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  
export

  
  # Expected behaviour

  No export grade ciphers are provided in binaries.

  
  # Rationale

  Export grade ciphers are insecure.  By design.  In response to FREAK and
  Logjam attacks, OpenSSL developers disabled export grade ciphers in
  OpenSSL v1.0.1m (March 2015),
  cf. 
.

  To bypass similar future attacks, deactivation of export grade ciphers should 
be
  backported to 15.04.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1590163/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1086783] Re: New PolicyKit 0.106 changes configuration file format

[Marc Deslauriers]

mozjs hasn't gotten any security updates in _years_, so no, we're not
going to be able to support that package in main.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to policykit-1 in Ubuntu.
https://bugs.launchpad.net/bugs/1086783

Title:
  New PolicyKit 0.106 changes configuration file format

Status in policykit-1 package in Ubuntu:
  Triaged
Status in policykit-1 package in Debian:
  Fix Released

Bug description:
  From the NEWS file:

  This is polkit 0.106. There's a major change in this release which is
  a switch from .pkla files (keyfile-format) to .rules files
  (JavaScript).

  We may want to hold off on the new version because it requires
  rewriting the configuration files, and adds a dependency on mozjs185,
  which will need a MIR (and getting a MIR may be problematic)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/1086783/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1363482] Re: ubuntu-keyring includes 1024D keys

[Marc Deslauriers]

Adam,

Any progress on getting the precise archive signed with the newer keys?

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ubuntu-keyring in Ubuntu.
https://bugs.launchpad.net/bugs/1363482

Title:
  ubuntu-keyring includes 1024D keys

Status in Ubuntu CD Images:
  Fix Released
Status in ubuntu-keyring package in Ubuntu:
  Confirmed

Bug description:
  ubuntu-keyring as shipped in trusty contains old 1024D keys dating
  back to 2004 which are still being trusted for the main archive:

   % gpg /usr/share/keyrings/ubuntu-archive-keyring.gpg | grep 1024D
  pub  1024D/437D05B5 2004-09-12 Ubuntu Archive Automatic Signing Key 

  pub  1024D/FBB75451 2004-12-30 Ubuntu CD Image Automatic Signing Key 


  Given that newer 4096R keys are present and have been in precise
  (through -updates) and trusty, it seems to be about time to drop the
  older keys. (In the hope that apt does not chose on signatures it
  cannot verify, otherwise the publisher would need to stop signing with
  the old key as well.)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-cdimage/+bug/1363482/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1643467] Re: Firefox 50 blocks Ubuntu 12.04 and 14.04 LTS's version of libavcodec

[Marc Deslauriers]

For this to be resolved in Ubuntu 12.04 LTS, an appropriate fix needs to
be written for libav 0.8. Updating to a newer libav isn't an option as
the API has changed and that would break compatibility with all the
software using libav in the archive. Once a fix has been written,
Mozilla would then need to unblock libav in Firefox.

This is unlikely to happen before 12.04.5 LTS reaches end of life in a
few weeks.

I recommend updating to a newer Ubuntu release, such as 14.04 LTS, or
preferably 16.04 LTS now if this is an important issue rather than
waiting until the end of life of 12.04 LTS in a few weeks.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libav in Ubuntu.
https://bugs.launchpad.net/bugs/1643467

Title:
  Firefox 50 blocks Ubuntu 12.04 and 14.04 LTS's version of libavcodec

Status in libav:
  Unknown
Status in firefox package in Ubuntu:
  Confirmed
Status in libav package in Ubuntu:
  Invalid
Status in firefox source package in Precise:
  Fix Released
Status in libav source package in Precise:
  Confirmed
Status in firefox source package in Trusty:
  Fix Released
Status in libav source package in Trusty:
  Fix Released

Bug description:
  Whenever it tries to play a video, Firefox 50 displays this message at the 
top of every page:
  "libavcodec may be vulnerable or is not supported, and should be updated to 
play video"

  https://dxr.mozilla.org/mozilla-central/source/browser/locales/en-
  
US/chrome/browser/browser.properties?q=%22libavcodec+may+be+vulnerable%22_type=single#742

  Firefox refuses any libavcodec version prior to 54.35.1 (unless
  media.libavcodec.allow-obsolete==true).

  https://dxr.mozilla.org/mozilla-
  central/source/dom/media/platforms/ffmpeg/FFmpegLibWrapper.cpp#60

  Users should not be subjected to this warning, as it is vague (does not 
instruct them how to fix it).
  Ubuntu 14.04 LTS should ship with an updated version of libavcodec.

  DistroRelease: Ubuntu 14.04
  Package: firefox 50.0+build2-0ubuntu0.14.04.2

To manage notifications about this bug go to:
https://bugs.launchpad.net/libav/+bug/1643467/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1667658] Re: signon-ui crashed with SIGSEGV in QWindow::show()

[Marc Deslauriers]

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to signon-ui in Ubuntu.
https://bugs.launchpad.net/bugs/1667658

Title:
  signon-ui crashed with SIGSEGV in QWindow::show()

Status in signon-ui package in Ubuntu:
  New

Bug description:
  NA

  ProblemType: Crash
  DistroRelease: Ubuntu 17.04
  Package: signon-ui-x11 0.17+17.04.20161109-0ubuntu1
  Uname: Linux 4.10.0-041000-lowlatency x86_64
  ApportVersion: 2.20.4-0ubuntu2
  Architecture: amd64
  CrashCounter: 1
  CurrentDesktop: Unity:Unity7
  Date: Fri Feb 24 18:45:43 2017
  ExecutablePath: /usr/bin/signon-ui
  InstallationDate: Installed on 2017-02-24 (0 days ago)
  InstallationMedia: Ubuntu 17.04 "Zesty Zapus" - Alpha amd64 (20170224)
  ProcCmdline: /usr/bin/signon-ui
  SegvAnalysis:
   Segfault happened at: 0x7f5ae5b478de <_ZN7QWindow4showEv+14>:mov
0x8(%rbx),%rax
   PC (0x7f5ae5b478de) ok
   source "0x8(%rbx)" (0x0008) not located in a known VMA region (needed 
readable region)!
   destination "%rax" ok
  SegvReason: reading NULL VMA
  Signal: 11
  SourcePackage: signon-ui
  StacktraceTop:
   QWindow::show() () from /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5
   ?? ()
   ?? ()
   ?? ()
   ?? ()
  Title: signon-ui crashed with SIGSEGV in QWindow::show()
  UpgradeStatus: No upgrade log present (probably fresh install)
  UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/signon-ui/+bug/1667658/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1667372] Re: package python-decorator 4.0.6-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 127

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to python-decorator in
Ubuntu.
https://bugs.launchpad.net/bugs/1667372

Title:
  package python-decorator 4.0.6-1 failed to install/upgrade: subprocess
  installed post-installation script returned error exit status 127

Status in python-decorator package in Ubuntu:
  New

Bug description:
  error message when boot system

  ProblemType: Package
  DistroRelease: Ubuntu 16.04
  Package: python-decorator 4.0.6-1
  ProcVersionSignature: Ubuntu 4.4.0-63.84-generic 4.4.44
  Uname: Linux 4.4.0-63-generic x86_64
  NonfreeKernelModules: nvidia_uvm nvidia_drm nvidia_modeset nvidia
  ApportVersion: 2.20.1-0ubuntu2.4
  Architecture: amd64
  Date: Wed Feb 22 22:16:54 2017
  Dependencies:
   
  DuplicateSignature:
   package:python-decorator:4.0.6-1
   Setting up python-decorator (4.0.6-1) ...
   /var/lib/dpkg/info/python-decorator.postinst: 6: 
/var/lib/dpkg/info/python-decorator.postinst: pycompile: not found
   dpkg: error processing package python-decorator (--configure):
subprocess installed post-installation script returned error exit status 127
  ErrorMessage: subprocess installed post-installation script returned error 
exit status 127
  InstallationDate: Installed on 2016-12-06 (78 days ago)
  InstallationMedia: Ubuntu 16.04.1 LTS "Xenial Xerus" - Release amd64 
(20160719)
  PackageArchitecture: all
  RelatedPackageVersions:
   dpkg 1.18.4ubuntu1.1
   apt  1.2.19
  SourcePackage: python-decorator
  Title: package python-decorator 4.0.6-1 failed to install/upgrade: subprocess 
installed post-installation script returned error exit status 127
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-decorator/+bug/1667372/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1667218] Re: Help bugs/system crashes

[Marc Deslauriers]

Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.

Submitting the bug about the proper source package is essential. For
help see https://wiki.ubuntu.com/Bugs/FindRightPackage . Additionally,
in the report please include:

1) The release of Ubuntu you are using, via 'cat /etc/lsb-release' or System -> 
About Ubuntu.
2) The version of the package you are using, via 'dpkg -l PKGNAME | cat' or by 
checking in Synaptic.
3) What happened and what you expected to happen.

The Ubuntu community has also created debugging procedures for a wide
variety of packages at https://wiki.ubuntu.com/DebuggingProcedures .
Following the debugging instructions for the affected package will make
your bug report much more complete. Thanks!


** Information type changed from Private Security to Public

** Changed in: xorg (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1667218

Title:
  Help bugs/system crashes

Status in xorg package in Ubuntu:
  Invalid

Bug description:
  Please help I am exhausted and cannot take much more of life and need
  a F#% computer to work as I have NEVER had issues since ubuntu
  10.04

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: xorg 1:7.7+13ubuntu3
  ProcVersionSignature: Ubuntu 4.4.0-64.85-generic 4.4.44
  Uname: Linux 4.4.0-64-generic x86_64
  .tmp.unity_support_test.0:
   
  ApportVersion: 2.20.1-0ubuntu2.5
  Architecture: amd64
  CompizPlugins: No value set for 
`/apps/compiz-1/general/screen0/options/active_plugins'
  CompositorRunning: compiz
  CompositorUnredirectDriverBlacklist: '(nouveau|Intel).*Mesa 8.0'
  CompositorUnredirectFSW: true
  Date: Wed Feb 22 23:56:56 2017
  DistUpgraded: Fresh install
  DistroCodename: xenial
  DistroVariant: ubuntu
  ExtraDebuggingInterest: Yes
  GraphicsCard:
   Intel Corporation 2nd Generation Core Processor Family Integrated Graphics 
Controller [8086:0106] (rev 09) (prog-if 00 [VGA controller])
 Subsystem: ASUSTeK Computer Inc. 2nd Generation Core Processor Family 
Integrated Graphics Controller [1043:13c7]
  InstallationDate: Installed on 2016-12-31 (53 days ago)
  InstallationMedia: Ubuntu 16.04.1 LTS "Xenial Xerus" - Release amd64 
(20160719)
  MachineType: ASUSTeK Computer Inc. K54C
  ProcEnviron:
   LANGUAGE=en_CA:en
   PATH=(custom, no user)
   LANG=en_CA.UTF-8
   SHELL=/bin/bash
  ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.4.0-64-generic 
root=/dev/mapper/ubuntu--vg-root ro quiet splash vt.handoff=7
  SourcePackage: xorg
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 04/18/2012
  dmi.bios.vendor: American Megatrends Inc.
  dmi.bios.version: K54C.207
  dmi.board.asset.tag: ATN12345678901234567
  dmi.board.name: K54C
  dmi.board.vendor: ASUSTeK Computer Inc.
  dmi.board.version: 1.0
  dmi.chassis.asset.tag: ATN12345678901234567
  dmi.chassis.type: 10
  dmi.chassis.vendor: ASUSTeK Computer Inc.
  dmi.chassis.version: 1.0
  dmi.modalias: 
dmi:bvnAmericanMegatrendsInc.:bvrK54C.207:bd04/18/2012:svnASUSTeKComputerInc.:pnK54C:pvr1.0:rvnASUSTeKComputerInc.:rnK54C:rvr1.0:cvnASUSTeKComputerInc.:ct10:cvr1.0:
  dmi.product.name: K54C
  dmi.product.version: 1.0
  dmi.sys.vendor: ASUSTeK Computer Inc.
  version.compiz: compiz 1:0.9.12.2+16.04.20160823-0ubuntu1
  version.ia32-libs: ia32-libs N/A
  version.libdrm2: libdrm2 2.4.70-1~ubuntu16.04.1
  version.libgl1-mesa-dri: libgl1-mesa-dri 12.0.6-0ubuntu0.16.04.1
  version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A
  version.libgl1-mesa-glx: libgl1-mesa-glx 12.0.6-0ubuntu0.16.04.1
  version.xserver-xorg-core: xserver-xorg-core 2:1.18.4-0ubuntu0.2
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.10.1-1ubuntu2
  version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.7.0-1
  version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20160325-1ubuntu1.2
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 
1:1.0.12-1build2
  xserver.bootTime: Wed Feb 22 23:49:22 2017
  xserver.configfile: default
  xserver.errors:
   
  xserver.logfile: /var/log/Xorg.0.log
  xserver.outputs:
   product id 732 
   vendor LGD
  xserver.version: 2:1.18.4-0ubuntu0.2

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1667218/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1666049] Re: I cant download the apps i want

[Marc Deslauriers]

Thanks for your comments. This does not appear to be a bug report and we
are closing it. We appreciate the difficulties you are facing, but it
would make more sense to raise your question in the support tracker.
Please visit https://answers.launchpad.net/ubuntu/+addquestion

** Information type changed from Private Security to Public

** Changed in: xorg (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1666049

Title:
  I cant download the apps i want

Status in xorg package in Ubuntu:
  Invalid

Bug description:
  it has been two days since i upgraded my software but since then i was
  not able to download other software from ubntu software sener

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: xorg 1:7.7+13ubuntu3
  ProcVersionSignature: Ubuntu 4.4.0-63.84~14.04.2-generic 4.4.44
  Uname: Linux 4.4.0-63-generic i686
  .tmp.unity_support_test.0:
   
  ApportVersion: 2.20.1-0ubuntu2.5
  Architecture: i386
  BootLog:
   [  OK  ] Started LSB: Speech Dispatcher.
   [  OK  ] Started LSB: Set the CPU Frequency Scaling governor to 
"ondemand".
  CompizPlugins: No value set for 
`/apps/compiz-1/general/screen0/options/active_plugins'
  CompositorRunning: compiz
  CompositorUnredirectDriverBlacklist: '(nouveau|Intel).*Mesa 8.0'
  CompositorUnredirectFSW: true
  Date: Sun Feb 19 21:46:19 2017
  DistUpgraded: Fresh install
  DistroCodename: xenial
  DistroVariant: ubuntu
  ExtraDebuggingInterest: Yes, including running git bisection searches
  GraphicsCard:
   Intel Corporation Mobile 945GM/GMS, 943/940GML Express Integrated Graphics 
Controller [8086:27a2] (rev 03) (prog-if 00 [VGA controller])
 Subsystem: Intel Corporation Mobile 945GM/GMS, 943/940GML Express 
Integrated Graphics Controller [8086:7270]
 Subsystem: Intel Corporation Mobile 945GM/GMS/GME, 943/940GML Express 
Integrated Graphics Controller [8086:7270]
  InstallationDate: Installed on 2016-02-23 (362 days ago)
  InstallationMedia: Ubuntu 14.04.3 LTS "Trusty Tahr" - Beta i386 (20150805)
  MachineType: Apple Inc. MacBook2,1
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.4.0-63-generic 
root=UUID=9ecda836-300e-4f09-b579-cc61bb044a19 ro quiet splash vt.handoff=7
  SourcePackage: xorg
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 06/27/07
  dmi.bios.vendor: Apple Inc.
  dmi.bios.version: MB21.88Z.00A5.B07.0706270922
  dmi.board.asset.tag: Base Board Asset Tag
  dmi.board.name: Mac-F4208CAA
  dmi.board.vendor: Apple Inc.
  dmi.board.version: PVT
  dmi.chassis.asset.tag: Asset Tag
  dmi.chassis.type: 10
  dmi.chassis.vendor: Apple Inc.
  dmi.chassis.version: Mac-F4208CAA
  dmi.modalias: 
dmi:bvnAppleInc.:bvrMB21.88Z.00A5.B07.0706270922:bd06/27/07:svnAppleInc.:pnMacBook2,1:pvr1.0:rvnAppleInc.:rnMac-F4208CAA:rvrPVT:cvnAppleInc.:ct10:cvrMac-F4208CAA:
  dmi.product.name: MacBook2,1
  dmi.product.version: 1.0
  dmi.sys.vendor: Apple Inc.
  version.compiz: compiz 1:0.9.12.2+16.04.20160823-0ubuntu1
  version.libdrm2: libdrm2 2.4.70-1~ubuntu16.04.1
  version.libgl1-mesa-dri: libgl1-mesa-dri 12.0.6-0ubuntu0.16.04.1
  version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A
  version.libgl1-mesa-glx: libgl1-mesa-glx 12.0.6-0ubuntu0.16.04.1
  version.xserver-xorg-core: xserver-xorg-core 2:1.18.4-0ubuntu0.2
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.10.1-1ubuntu2
  version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.7.0-1
  version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20160325-1ubuntu1.2
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 
1:1.0.12-1build2
  xserver.bootTime: Sun Feb 19 20:42:24 2017
  xserver.configfile: default
  xserver.errors:
   
  xserver.logfile: /var/log/Xorg.0.log
  xserver.outputs:
   product id   40028 
   vendor APP
  xserver.version: 2:1.18.4-0ubuntu0.2

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1666049/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1667503] Re: El sistema es muy lento

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1667503

Title:
  El sistema es muy lento

Status in xorg package in Ubuntu:
  New

Bug description:
  Utilizo ubuntu 15.04

  ProblemType: Bug
  DistroRelease: Ubuntu 15.04
  Package: xorg 1:7.7+7ubuntu4
  ProcVersionSignature: Ubuntu 3.19.0-80.88-generic 3.19.8-ckt22
  Uname: Linux 3.19.0-80-generic x86_64
  ApportVersion: 2.17.2-0ubuntu1.8
  Architecture: amd64
  CompizPlugins: No value set for 
`/apps/compiz-1/general/screen0/options/active_plugins'
  CompositorRunning: None
  Date: Thu Feb 23 17:22:55 2017
  DistUpgraded: 2017-01-09 00:45:28,018 DEBUG enabling apt cron job
  DistroCodename: vivid
  DistroVariant: ubuntu
  GraphicsCard:
   Advanced Micro Devices, Inc. [AMD/ATI] Wrestler [Radeon HD 6310] [1002:9803] 
(prog-if 00 [VGA controller])
 Subsystem: Sony Corporation Device [104d:9082]
  InstallationDate: Installed on 2016-08-20 (187 days ago)
  InstallationMedia: Xubuntu 15.04 "Vivid Vervet" - Release amd64 (20150422.1)
  MachineType: Sony Corporation VPCYB10AL
  ProcEnviron:
   LANGUAGE=es_AR:es
   PATH=(custom, no user)
   LANG=es_AR.UTF-8
   SHELL=/bin/bash
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.19.0-80-generic 
root=UUID=0eb47a11-7bd6-4d5a-90c7-29f4fae24f9f ro quiet splash vt.handoff=7
  SourcePackage: xorg
  UdevLog: Error: [Errno 2] No existe el archivo o el directorio: 
'/var/log/udev'
  UpgradeStatus: Upgraded to vivid on 2017-01-09 (45 days ago)
  dmi.bios.date: 09/13/2011
  dmi.bios.vendor: Insyde Corp.
  dmi.bios.version: R0162Z7
  dmi.board.asset.tag: N/A
  dmi.board.name: VAIO
  dmi.board.vendor: Sony Corporation
  dmi.board.version: N/A
  dmi.chassis.asset.tag: N/A
  dmi.chassis.type: 10
  dmi.chassis.vendor: Sony Corporation
  dmi.chassis.version: N/A
  dmi.modalias: 
dmi:bvnInsydeCorp.:bvrR0162Z7:bd09/13/2011:svnSonyCorporation:pnVPCYB10AL:pvrC9006R37:rvnSonyCorporation:rnVAIO:rvrN/A:cvnSonyCorporation:ct10:cvrN/A:
  dmi.product.name: VPCYB10AL
  dmi.product.version: C9006R37
  dmi.sys.vendor: Sony Corporation
  version.compiz: compiz N/A
  version.ia32-libs: ia32-libs N/A
  version.libdrm2: libdrm2 2.4.60-2
  version.libgl1-mesa-dri: libgl1-mesa-dri 10.5.9-2ubuntu1~vivid2
  version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A
  version.libgl1-mesa-glx: libgl1-mesa-glx 10.5.9-2ubuntu1~vivid2
  version.xserver-xorg-core: xserver-xorg-core 2:1.17.1-0ubuntu3.1
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.9.0-1ubuntu2
  version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.5.0-1ubuntu2
  version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917-1~exp1ubuntu2.3
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 
1:1.0.11-1ubuntu2build1
  xserver.bootTime: Thu Feb 23 17:19:06 2017
  xserver.configfile: default
  xserver.errors:
   
  xserver.logfile: /var/log/Xorg.0.log
  xserver.version: 2:1.17.1-0ubuntu3.1
  xserver.video_driver: radeon

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1667503/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1667569] Re: package linux-image-4.4.0-64-generic 4.4.0-64.85 failed to install/upgrade: run-parts: /etc/kernel/postinst.d/apt-auto-removal exited with return code 2

[Marc Deslauriers]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1667569

Title:
  package linux-image-4.4.0-64-generic 4.4.0-64.85 failed to
  install/upgrade: run-parts: /etc/kernel/postinst.d/apt-auto-removal
  exited with return code 2

Status in apt package in Ubuntu:
  New

Bug description:
  my update option in not working give error message W: Unable to read
  /etc/apt/apt.conf.d/ - DirectoryExists (2: No such file or directory)
  and my wifi option not came how to fix it

  ProblemType: Package
  DistroRelease: Ubuntu 16.04
  Package: linux-image-4.4.0-64-generic 4.4.0-64.85
  ProcVersionSignature: Ubuntu 4.4.0-62.83-generic 4.4.40
  Uname: Linux 4.4.0-62-generic i686
  ApportVersion: 2.20.1-0ubuntu2.5
  Architecture: i386
  AudioDevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/controlC0:  agnisys03   2084 F pulseaudio
  Date: Thu Feb 23 23:35:05 2017
  ErrorMessage: run-parts: /etc/kernel/postinst.d/apt-auto-removal exited with 
return code 2
  HibernationDevice: RESUME=UUID=e7184cb7-23c1-4872-afda-17a379043dea
  InstallationDate: Installed on 2016-03-12 (348 days ago)
  InstallationMedia: It
  IwConfig:
   enx64d4da695796  no wireless extensions.
   
   lono wireless extensions.
   
   enp3s0no wireless extensions.
  MachineType: ASUSTeK Computer Inc. U56E
  ProcFB: 0 inteldrmfb
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.4.0-62-generic 
root=UUID=9e60c12c-47c3-42c7-8d17-f6bc68d7897b ro quiet splash vt.handoff=7
  PulseList: Error: command ['pacmd', 'list'] failed with exit code 1: No 
PulseAudio daemon running, or not running as session daemon.
  RelatedPackageVersions: grub-pc 2.02~beta2-36ubuntu3.7
  RfKill:
   0: i2400m-usb:1-1.1:1.0: WiMAX
Soft blocked: yes
Hard blocked: no
  SourcePackage: apt
  Title: package linux-image-4.4.0-64-generic 4.4.0-64.85 failed to 
install/upgrade: run-parts: /etc/kernel/postinst.d/apt-auto-removal exited with 
return code 2
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 12/21/2011
  dmi.bios.vendor: American Megatrends Inc.
  dmi.bios.version: U56E.213
  dmi.board.asset.tag: ATN12345678901234567
  dmi.board.name: U56E
  dmi.board.vendor: ASUSTeK Computer Inc.
  dmi.board.version: 1.0
  dmi.chassis.asset.tag: No Asset Tag
  dmi.chassis.type: 10
  dmi.chassis.vendor: ASUSTeK Computer Inc.
  dmi.chassis.version: 1.0
  dmi.modalias: 
dmi:bvnAmericanMegatrendsInc.:bvrU56E.213:bd12/21/2011:svnASUSTeKComputerInc.:pnU56E:pvr1.0:rvnASUSTeKComputerInc.:rnU56E:rvr1.0:cvnASUSTeKComputerInc.:ct10:cvr1.0:
  dmi.product.name: U56E
  dmi.product.version: 1.0
  dmi.sys.vendor: ASUSTeK Computer Inc.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1667569/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp